{"id": "SOL15865", "type": "f5", "bulletinFamily": "software", "title": "SOL15865 - Apache HTTP server vulnerability CVE-2012-4558", "description": "Recommended action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability for ARX, do not enable the API functionality.\n\nSupplemental Information\n\n * The **Management Access **chapter in the ARX CLI Reference Guide\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "published": "2014-11-25T00:00:00", "modified": "2014-12-08T00:00:00", "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/", "score": 4.3}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "href": "http://support.f5.com/kb/en-us/solutions/public/15000/800/sol15865.html", "reporter": "f5", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/products/arx.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "cvelist": ["CVE-2012-4558", "CVE-2012-3499"], "immutableFields": [], "lastseen": "2021-06-08T18:45:08", "viewCount": 25, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2013-174", "ALAS-2013-175", "ALAS-2013-193", "ALAS-2013-194"]}, {"type": "centos", "idList": ["CESA-2013:0815"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2013-1635"]}, {"type": "cve", "idList": ["CVE-2012-3499", "CVE-2012-4558"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2637-1:5E82E", "DEBIAN:DSA-2637-1:AC782"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2012-3499", "DEBIANCVE:CVE-2012-4558"]}, {"type": "f5", "idList": ["SOL15899", "SOL15900"]}, {"type": "fedora", "idList": ["FEDORA:BBECA20AE3"]}, {"type": "freebsd", "idList": ["9C88D8A8-8372-11E2-A010-20CF30E32F6D"]}, {"type": "hackerone", "idList": ["H1:184877", "H1:66929"]}, {"type": "httpd", "idList": ["HTTPD:96868C7098375E8AF5DFDC8E12CFD336", "HTTPD:B07D6585013819446B5017BD7E358E6F", "HTTPD:F3F8B406C1D466C16D46C2BFD6505DEC", "HTTPD:FD1CC7EACBC758C451BA5B8D25FCB6DD"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APACHE-HTTPD-CVE-2012-3499/", "MSF:ILITIES/APACHE-HTTPD-CVE-2012-4558/", "MSF:ILITIES/CENTOS_LINUX-CVE-2012-3499/", "MSF:ILITIES/CENTOS_LINUX-CVE-2012-4558/", "MSF:ILITIES/HPUX-CVE-2012-4558/", "MSF:ILITIES/IBM-HTTP_SERVER-CVE-2012-3499/", "MSF:ILITIES/LINUXRPM-RHSA-2013-1011/", "MSF:ILITIES/LINUXRPM-RHSA-2013-1012/", "MSF:ILITIES/LINUXRPM-RHSA-2013-1207/", "MSF:ILITIES/LINUXRPM-RHSA-2013-1208/", "MSF:ILITIES/ORACLE-SOLARIS-CVE-2012-4558/", "MSF:ILITIES/SUSE-CVE-2012-3499/", "MSF:ILITIES/SUSE-CVE-2012-4558/"]}, {"type": "nessus", "idList": ["6700.PRM", "6701.PRM", "800118.PRM", "8008.PRM", "800961.PRM", "ALA_ALAS-2013-174.NASL", "ALA_ALAS-2013-175.NASL", "ALA_ALAS-2013-193.NASL", "ALA_ALAS-2013-194.NASL", "APACHE_2_2_24.NASL", "APACHE_2_4_4.NASL", "CENTOS_RHSA-2013-0815.NASL", "DEBIAN_DSA-2637.NASL", "FEDORA_2013-4541.NASL", "FREEBSD_PKG_9C88D8A8837211E2A01020CF30E32F6D.NASL", "JUNIPER_NSM_JSA10685.NASL", "JUNIPER_NSM_JSA10685_CRED.NASL", "MACOSX_10_8_5.NASL", "MACOSX_SECUPD2013-004.NASL", "MANDRIVA_MDVSA-2013-015.NASL", "OPENSUSE-2013-308.NASL", "ORACLELINUX_ELSA-2013-0815.NASL", "REDHAT-RHSA-2013-0815.NASL", "REDHAT-RHSA-2013-1011.NASL", "REDHAT-RHSA-2013-1012.NASL", "REDHAT-RHSA-2013-1207.NASL", "REDHAT-RHSA-2013-1208.NASL", "REDHAT-RHSA-2013-1209.NASL", "SLACKWARE_SSA_2013-062-01.NASL", "SL_20130513_HTTPD_ON_SL5_X.NASL", "SOLARIS11_APACHE_20130604.NASL", "SOLARIS11_APACHE_20131015.NASL", "SUSE_11_APACHE2-130327.NASL", "SUSE_APACHE2-8530.NASL", "UBUNTU_USN-1765-1.NASL", "WEB_APPLICATION_SCANNING_98902"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120096", "OPENVAS:1361412562310120097", "OPENVAS:1361412562310120558", "OPENVAS:1361412562310120559", "OPENVAS:1361412562310123628", "OPENVAS:1361412562310841365", "OPENVAS:1361412562310865511", "OPENVAS:1361412562310870998", "OPENVAS:1361412562310881727", "OPENVAS:1361412562310881733", "OPENVAS:1361412562310892637", "OPENVAS:841365", "OPENVAS:865511", "OPENVAS:870998", "OPENVAS:881727", "OPENVAS:881733", "OPENVAS:892637"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2014-1972949"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0815"]}, {"type": "redhat", "idList": ["RHSA-2013:0815", "RHSA-2013:1011", "RHSA-2013:1012", "RHSA-2013:1207", "RHSA-2013:1208", "RHSA-2013:1209"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29115", "SECURITYVULNS:DOC:29893", "SECURITYVULNS:VULN:12917", "SECURITYVULNS:VULN:13537"]}, {"type": "seebug", "idList": ["SSV:60653", "SSV:60657"]}, {"type": "slackware", "idList": ["SSA-2013-062-01"]}, {"type": "ubuntu", "idList": ["USN-1765-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2012-3499", "UB:CVE-2012-4558"]}], "rev": 4}, "score": {"value": 4.6, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2013-194"]}, {"type": "centos", "idList": ["CESA-2013:0815"]}, {"type": "cve", "idList": ["CVE-2012-3499", "CVE-2012-4558"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2637-1:AC782"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2012-3499"]}, {"type": "f5", "idList": ["SOL15899", "SOL15900"]}, {"type": "freebsd", "idList": ["9C88D8A8-8372-11E2-A010-20CF30E32F6D"]}, {"type": "httpd", "idList": ["HTTPD:B07D6585013819446B5017BD7E358E6F"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/ORACLE-SOLARIS-CVE-2012-4558/"]}, {"type": "nessus", "idList": ["ALA_ALAS-2013-175.NASL", "ALA_ALAS-2013-193.NASL", "FREEBSD_PKG_9C88D8A8837211E2A01020CF30E32F6D.NASL", "JUNIPER_NSM_JSA10685.NASL", "SLACKWARE_SSA_2013-062-01.NASL", "SOLARIS11_APACHE_20130604.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310123628", "OPENVAS:1361412562310892637"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2014-1972949"]}, {"type": "redhat", "idList": ["RHSA-2013:1209"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29893"]}, {"type": "seebug", "idList": ["SSV:60653"]}, {"type": "slackware", "idList": ["SSA-2013-062-01"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2012-3499"]}]}, "exploitation": null, "vulnersScore": 4.6}, "affectedSoftware": [{"name": "arx", "operator": "le", "version": "6.4.0"}], "_state": {"dependencies": 1647589307, "score": 0}}

{"slackware": [{"lastseen": "2019-05-30T07:36:51", "description": "New httpd packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37,\n14.0, and -current to fix security issues.\n\n\nHere are the details from the Slackware 14.0 ChangeLog:\n\npatches/packages/httpd-2.4.4-i486-1_slack14.0.txz: Upgraded.\n This update provides bugfixes and enhancements.\n Two security issues are fixed:\n * Various XSS flaws due to unescaped hostnames and URIs HTML output in\n mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.\n [Jim Jagielski, Stefan Fritsch, Niels Heinen &lt;heinenn google com&gt;]\n * XSS in mod_proxy_balancer manager interface. [Jim Jagielski,\n Niels Heinen &lt;heinenn google com&gt;]\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the &quot;Get Slack&quot; section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/httpd-2.2.24-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/httpd-2.2.24-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/httpd-2.2.24-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/httpd-2.2.24-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/httpd-2.2.24-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/httpd-2.2.24-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/httpd-2.2.24-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/httpd-2.2.24-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/httpd-2.4.4-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/httpd-2.4.4-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/httpd-2.4.4-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/httpd-2.4.4-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 12.1 package:\ncdc26999b5fd2787f1eaef285dad47bc httpd-2.2.24-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\n7671b12ad7b163c1aba0fb7278349c0d httpd-2.2.24-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n5ca815faf37f28c2e365f47643d7b9a4 httpd-2.2.24-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n715fa297d5451dafdbe1b296565b3a08 httpd-2.2.24-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n4246568ea7eada4c3c4dc6bd95464784 httpd-2.2.24-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n2ee64f87af8563132fccfe53e9f0f4c9 httpd-2.2.24-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n252c123e2a3c03aff1aa2112050de945 httpd-2.2.24-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n9a5fcc681c89c131478910d999e25170 httpd-2.2.24-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n32d6ffa35ea58aaf4d9e325b857c4e11 httpd-2.4.4-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n889197760474094bce962f900f5258b1 httpd-2.4.4-x86_64-1_slack14.0.txz\n\nSlackware -current package:\nae7a5606e6ec97ec74ab64bf7cde5c03 n/httpd-2.4.4-i486-1.txz\n\nSlackware x86_64 -current package:\n09c32bd3fef0741e0743c0590e72f9d2 n/httpd-2.4.4-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg httpd-2.4.4-i486-1_slack14.0.txz\n\nThen, restart Apache httpd:\n\n > /etc/rc.d/rc.httpd stop\n > /etc/rc.d/rc.httpd start", "cvss3": {}, "published": "2013-03-03T15:02:33", "type": "slackware", "title": "httpd", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2012-3499"], "modified": "2013-03-03T15:02:33", "id": "SSA-2013-062-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.533486", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. ", "edition": 2, "cvss3": {}, "published": "2013-04-01T03:30:25", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: httpd-2.4.4-2.fc18", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2013-04-01T03:30:25", "id": "FEDORA:BBECA20AE3", "href": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2022-03-27T15:10:30", "description": "According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.4. It is, therefore, affected by the following cross-site scripting vulnerabilities :\n\n - Errors exist related to the modules mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp and unescaped hostnames and URIs that could allow cross- site scripting attacks. (CVE-2012-3499)\n\n - An error exists related to the mod_proxy_balancer module's manager interface that could allow cross-site scripting attacks. (CVE-2012-4558)\n\nNote that the scanner did not actually test for these issues, but instead has relied on the version in the server's banner.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2019-01-09T00:00:00", "type": "nessus", "title": "Apache 2.4.x < 2.4.4 Multiple XSS Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98902", "href": "https://www.tenable.com/plugins/was/98902", "sourceData": "No source data", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T18:18:14", "description": "Apache HTTP SERVER PROJECT reports:low: XSS due to unescaped hostnames CVE-2012-3499 Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp. moderate: XSS in mod_proxy_balancer CVE-2012-4558 A XSS flaw affected the mod_proxy_balancer manager interface.", "cvss3": {"score": null, "vector": null}, "published": "2013-03-04T00:00:00", "type": "nessus", "title": "FreeBSD : apache22 -- several vulnerabilities (9c88d8a8-8372-11e2-a010-20cf30e32f6d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:apache22", "p-cpe:/a:freebsd:freebsd:apache22-event-mpm", "p-cpe:/a:freebsd:freebsd:apache22-itk-mpm", "p-cpe:/a:freebsd:freebsd:apache22-peruser-mpm", "p-cpe:/a:freebsd:freebsd:apache22-worker-mpm", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_9C88D8A8837211E2A01020CF30E32F6D.NASL", "href": "https://www.tenable.com/plugins/nessus/64989", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64989);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\");\n\n script_name(english:\"FreeBSD : apache22 -- several vulnerabilities (9c88d8a8-8372-11e2-a010-20cf30e32f6d)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Apache HTTP SERVER PROJECT reports:low: XSS due to unescaped hostnames\nCVE-2012-3499 Various XSS flaws due to unescaped hostnames and URIs\nHTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and\nmod_proxy_ftp. moderate: XSS in mod_proxy_balancer CVE-2012-4558 A XSS\nflaw affected the mod_proxy_balancer manager interface.\"\n );\n # https://vuxml.freebsd.org/freebsd/9c88d8a8-8372-11e2-a010-20cf30e32f6d.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8cb43c73\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:apache22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:apache22-event-mpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:apache22-itk-mpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:apache22-peruser-mpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:apache22-worker-mpm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"apache22>2.2.0<2.2.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"apache22-event-mpm>2.2.0<2.2.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"apache22-itk-mpm>2.2.0<2.2.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"apache22-peruser-mpm>2.2.0<2.2.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"apache22-worker-mpm>2.2.0<2.2.24\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T18:15:32", "description": "This update contains the latest release of the Apache HTTP Server, version 2.4.4.\n\nTwo security issues are resolved in this update :\n\n - Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp. (CVE-2012-3499)\n\n - An Cross-Site-Scripting attack against the mod_proxy_balancer manager interface. (CVE-2012-4558)\n\nNumerous bug fixes and minor enhancements are also included; for more information see :\n\nhttp://www.apache.org/dist/httpd/CHANGES_2.4.4\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-04-01T00:00:00", "type": "nessus", "title": "Fedora 18 : httpd-2.4.4-2.fc18 (2013-4541)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:httpd", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2013-4541.NASL", "href": "https://www.tenable.com/plugins/nessus/65760", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-4541.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65760);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\");\n script_bugtraq_id(58165);\n script_xref(name:\"FEDORA\", value:\"2013-4541\");\n\n script_name(english:\"Fedora 18 : httpd-2.4.4-2.fc18 (2013-4541)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains the latest release of the Apache HTTP Server,\nversion 2.4.4.\n\nTwo security issues are resolved in this update :\n\n - Various XSS flaws due to unescaped hostnames and URIs\n HTML output in mod_info, mod_status, mod_imagemap,\n mod_ldap, and mod_proxy_ftp. (CVE-2012-3499)\n\n - An Cross-Site-Scripting attack against the\n mod_proxy_balancer manager interface. (CVE-2012-4558)\n\nNumerous bug fixes and minor enhancements are also included; for more\ninformation see :\n\nhttp://www.apache.org/dist/httpd/CHANGES_2.4.4\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.apache.org/dist/httpd/CHANGES_2.4.4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=915883\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=915884\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?06fcc566\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"httpd-2.4.4-2.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T18:15:02", "description": "New httpd packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-03-04T00:00:00", "type": "nessus", "title": "Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : httpd (SSA:2013-062-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:httpd", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:14.0"], "id": "SLACKWARE_SSA_2013-062-01.NASL", "href": "https://www.tenable.com/plugins/nessus/64970", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2013-062-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64970);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\");\n script_bugtraq_id(58165);\n script_xref(name:\"SSA\", value:\"2013-062-01\");\n\n script_name(english:\"Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : httpd (SSA:2013-062-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New httpd packages are available for Slackware 12.1, 12.2, 13.0,\n13.1, 13.37, 14.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.533486\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7ed5e45c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"12.1\", pkgname:\"httpd\", pkgver:\"2.2.24\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"httpd\", pkgver:\"2.2.24\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"httpd\", pkgver:\"2.2.24\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.2.24\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"httpd\", pkgver:\"2.2.24\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.2.24\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"httpd\", pkgver:\"2.2.24\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.2.24\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"httpd\", pkgver:\"2.4.4\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.4.4\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"httpd\", pkgver:\"2.4.4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.4.4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T18:20:26", "description": "Apache2 has been updated to fix multiple XSS flaws.\n\n - Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server potentially allowed remote attackers to inject arbitrary web script or HTML via a crafted string. (CVE-2012-4558)\n\n - Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server allowed remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules. (CVE-2012-3499)", "cvss3": {"score": null, "vector": null}, "published": "2013-04-10T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Apache (ZYPP Patch Number 8530)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_APACHE2-8530.NASL", "href": "https://www.tenable.com/plugins/nessus/65908", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65908);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\");\n\n script_name(english:\"SuSE 10 Security Update : Apache (ZYPP Patch Number 8530)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Apache2 has been updated to fix multiple XSS flaws.\n\n - Multiple cross-site scripting (XSS) vulnerabilities in\n the balancer_handler function in the manager interface\n in mod_proxy_balancer.c in the mod_proxy_balancer module\n in the Apache HTTP Server potentially allowed remote\n attackers to inject arbitrary web script or HTML via a\n crafted string. (CVE-2012-4558)\n\n - Multiple cross-site scripting (XSS) vulnerabilities in\n the Apache HTTP Server allowed remote attackers to\n inject arbitrary web script or HTML via vectors\n involving hostnames and URIs in the (1) mod_imagemap,\n (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5)\n mod_status modules. (CVE-2012-3499)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-3499.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4558.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8530.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"apache2-2.2.3-16.48.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"apache2-devel-2.2.3-16.48.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"apache2-doc-2.2.3-16.48.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"apache2-example-pages-2.2.3-16.48.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"apache2-prefork-2.2.3-16.48.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"apache2-worker-2.2.3-16.48.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T18:12:54", "description": "Multiple vulnerabilities has been found and corrected in apache (ASF HTTPD) :\n\nVarious XSS (cross-site scripting vulnerability) flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp (CVE-2012-3499).\n\nXSS (cross-site scripting vulnerability) in mod_proxy_balancer manager interface (CVE-2012-4558).\n\nAdditionally the ASF bug 53219 was resolved which provides a way to mitigate the CRIME attack vulnerability by disabling TLS-level compression. Use the new directive SSLCompression on|off to enable or disable TLS-level compression, by default SSLCompression is turned on.\n\nThe updated packages have been upgraded to the latest 2.2.24 version which is not vulnerable to these issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-02-27T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : apache (MDVSA-2013:015-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:apache", "p-cpe:/a:mandriva:linux:apache-base", "p-cpe:/a:mandriva:linux:apache-conf", "p-cpe:/a:mandriva:linux:apache-devel", "p-cpe:/a:mandriva:linux:apache-doc", "p-cpe:/a:mandriva:linux:apache-htcacheclean", "p-cpe:/a:mandriva:linux:apache-mod_authn_dbd", "p-cpe:/a:mandriva:linux:apache-mod_cache", "p-cpe:/a:mandriva:linux:apache-mod_dav", "p-cpe:/a:mandriva:linux:apache-mod_dbd", "p-cpe:/a:mandriva:linux:apache-mod_deflate", "p-cpe:/a:mandriva:linux:apache-mod_disk_cache", "p-cpe:/a:mandriva:linux:apache-mod_file_cache", "p-cpe:/a:mandriva:linux:apache-mod_ldap", "p-cpe:/a:mandriva:linux:apache-mod_mem_cache", "p-cpe:/a:mandriva:linux:apache-mod_proxy", "p-cpe:/a:mandriva:linux:apache-mod_proxy_ajp", "p-cpe:/a:mandriva:linux:apache-mod_proxy_scgi", "p-cpe:/a:mandriva:linux:apache-mod_reqtimeout", "p-cpe:/a:mandriva:linux:apache-mod_ssl", "p-cpe:/a:mandriva:linux:apache-mod_suexec", "p-cpe:/a:mandriva:linux:apache-mod_userdir", "p-cpe:/a:mandriva:linux:apache-modules", "p-cpe:/a:mandriva:linux:apache-mpm-event", "p-cpe:/a:mandriva:linux:apache-mpm-itk", "p-cpe:/a:mandriva:linux:apache-mpm-peruser", "p-cpe:/a:mandriva:linux:apache-mpm-prefork", "p-cpe:/a:mandriva:linux:apache-mpm-worker", "p-cpe:/a:mandriva:linux:apache-source", "cpe:/o:mandriva:business_server:1", "cpe:/o:mandriva:linux:2011"], "id": "MANDRIVA_MDVSA-2013-015.NASL", "href": "https://www.tenable.com/plugins/nessus/64902", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:015. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64902);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\");\n script_bugtraq_id(58119, 58165);\n script_xref(name:\"MDVSA\", value:\"2013:015\");\n script_xref(name:\"MDVSA\", value:\"2013:015-1\");\n\n script_name(english:\"Mandriva Linux Security Advisory : apache (MDVSA-2013:015-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in apache (ASF\nHTTPD) :\n\nVarious XSS (cross-site scripting vulnerability) flaws due to\nunescaped hostnames and URIs HTML output in mod_info, mod_status,\nmod_imagemap, mod_ldap, and mod_proxy_ftp (CVE-2012-3499).\n\nXSS (cross-site scripting vulnerability) in mod_proxy_balancer manager\ninterface (CVE-2012-4558).\n\nAdditionally the ASF bug 53219 was resolved which provides a way to\nmitigate the CRIME attack vulnerability by disabling TLS-level\ncompression. Use the new directive SSLCompression on|off to enable or\ndisable TLS-level compression, by default SSLCompression is turned on.\n\nThe updated packages have been upgraded to the latest 2.2.24 version\nwhich is not vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://httpd.apache.org/security/vulnerabilities_22.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.apache.org/dist/httpd/CHANGES_2.2.24\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bz.apache.org/bugzilla/show_bug.cgi?id=53219\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-conf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-htcacheclean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_authn_dbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_dav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_dbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_deflate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_disk_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_file_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_mem_cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_proxy_ajp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_proxy_scgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_reqtimeout\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_suexec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_userdir\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-itk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-peruser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mpm-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-base-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-conf-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-devel-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-doc-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-htcacheclean-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_authn_dbd-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_cache-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_dav-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_dbd-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_deflate-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_disk_cache-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_file_cache-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_ldap-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_mem_cache-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_proxy-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_proxy_ajp-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_proxy_scgi-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_reqtimeout-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_ssl-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_suexec-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_userdir-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-modules-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mpm-event-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mpm-itk-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mpm-peruser-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mpm-prefork-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mpm-worker-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"apache-source-2.2.24-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-devel-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"apache-doc-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-htcacheclean-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_authn_dbd-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_cache-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_dav-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_dbd-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_deflate-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_disk_cache-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_file_cache-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_ldap-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_mem_cache-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_proxy-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_proxy_ajp-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_proxy_scgi-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_reqtimeout-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_ssl-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_suexec-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_userdir-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mpm-event-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mpm-itk-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mpm-peruser-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mpm-prefork-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mpm-worker-2.2.24-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"apache-source-2.2.24-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T18:38:50", "description": "Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.\n\nMultiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : httpd24 (ALAS-2013-175)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:httpd24", "p-cpe:/a:amazon:linux:httpd24-debuginfo", "p-cpe:/a:amazon:linux:httpd24-devel", "p-cpe:/a:amazon:linux:httpd24-manual", "p-cpe:/a:amazon:linux:httpd24-tools", "p-cpe:/a:amazon:linux:mod24_ldap", "p-cpe:/a:amazon:linux:mod24_proxy_html", "p-cpe:/a:amazon:linux:mod24_session", "p-cpe:/a:amazon:linux:mod24_ssl", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2013-175.NASL", "href": "https://www.tenable.com/plugins/nessus/69734", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-175.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69734);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\");\n script_xref(name:\"ALAS\", value:\"2013-175\");\n\n script_name(english:\"Amazon Linux AMI : httpd24 (ALAS-2013-175)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple cross-site scripting (XSS) vulnerabilities in the\nbalancer_handler function in the manager interface in\nmod_proxy_balancer.c in the mod_proxy_balancer module in the Apache\nHTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow\nremote attackers to inject arbitrary web script or HTML via a crafted\nstring.\n\nMultiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP\nServer 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote\nattackers to inject arbitrary web script or HTML via vectors involving\nhostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3)\nmod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-175.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update httpd24' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_proxy_html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-2.4.4-2.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-debuginfo-2.4.4-2.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-devel-2.4.4-2.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-manual-2.4.4-2.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-tools-2.4.4-2.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_ldap-2.4.4-2.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_proxy_html-2.4.4-2.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_session-2.4.4-2.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_ssl-2.4.4-2.41.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd24 / httpd24-debuginfo / httpd24-devel / httpd24-manual / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T14:53:26", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.\n (CVE-2012-3499)\n\n - Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.\n (CVE-2012-4558)", "cvss3": {"score": null, "vector": null}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : apache (multiple_cross_site_scripting_vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.1", "p-cpe:/a:oracle:solaris:apache"], "id": "SOLARIS11_APACHE_20130604.NASL", "href": "https://www.tenable.com/plugins/nessus/80584", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80584);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : apache (multiple_cross_site_scripting_vulnerabilities)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - Multiple cross-site scripting (XSS) vulnerabilities in\n the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x\n before 2.4.4 allow remote attackers to inject arbitrary\n web script or HTML via vectors involving hostnames and\n URIs in the (1) mod_imagemap, (2) mod_info, (3)\n mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.\n (CVE-2012-3499)\n\n - Multiple cross-site scripting (XSS) vulnerabilities in\n the balancer_handler function in the manager interface\n in mod_proxy_balancer.c in the mod_proxy_balancer module\n in the Apache HTTP Server 2.2.x before 2.2.24-dev and\n 2.4.x before 2.4.4 allow remote attackers to inject\n arbitrary web script or HTML via a crafted string.\n (CVE-2012-4558)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-apache-http-server\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?158e3c7f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.7.5.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:apache\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^apache-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.7.0.5.0\", sru:\"SRU 11.1.7.5.0\") > 0) flag++;\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n error_extra = 'Affected package : apache\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"apache\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T18:20:27", "description": "Apache2 has been updated to fix multiple XSS flaws.\n\n - Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server potentially allowed remote attackers to inject arbitrary web script or HTML via a crafted string. (CVE-2012-4558)\n\n - Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server allowed remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules. (CVE-2012-3499)", "cvss3": {"score": null, "vector": null}, "published": "2013-04-10T00:00:00", "type": "nessus", "title": "SuSE 11.2 Security Update : Apache (SAT Patch Number 7570)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:apache2", "p-cpe:/a:novell:suse_linux:11:apache2-doc", "p-cpe:/a:novell:suse_linux:11:apache2-example-pages", "p-cpe:/a:novell:suse_linux:11:apache2-prefork", "p-cpe:/a:novell:suse_linux:11:apache2-utils", "p-cpe:/a:novell:suse_linux:11:apache2-worker", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_APACHE2-130327.NASL", "href": "https://www.tenable.com/plugins/nessus/65907", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65907);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\");\n\n script_name(english:\"SuSE 11.2 Security Update : Apache (SAT Patch Number 7570)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Apache2 has been updated to fix multiple XSS flaws.\n\n - Multiple cross-site scripting (XSS) vulnerabilities in\n the balancer_handler function in the manager interface\n in mod_proxy_balancer.c in the mod_proxy_balancer module\n in the Apache HTTP Server potentially allowed remote\n attackers to inject arbitrary web script or HTML via a\n crafted string. (CVE-2012-4558)\n\n - Multiple cross-site scripting (XSS) vulnerabilities in\n the Apache HTTP Server allowed remote attackers to\n inject arbitrary web script or HTML via vectors\n involving hostnames and URIs in the (1) mod_imagemap,\n (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5)\n mod_status modules. (CVE-2012-3499)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=806458\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=807152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-3499.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4558.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 7570.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"apache2-2.2.12-1.38.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"apache2-doc-2.2.12-1.38.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"apache2-example-pages-2.2.12-1.38.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"apache2-prefork-2.2.12-1.38.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"apache2-utils-2.2.12-1.38.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"apache2-worker-2.2.12-1.38.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T18:14:02", "description": "According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.24. It is, therefore, potentially affected by the following cross-site scripting vulnerabilities :\n\n - Errors exist related to the modules mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp and unescaped hostnames and URIs that could allow cross- site scripting attacks. (CVE-2012-3499)\n\n - An error exists related to the mod_proxy_balancer module's manager interface that could allow cross-site scripting attacks. (CVE-2012-4558)\n\nNote that Nessus did not actually test for these issues, but instead has relied on the version in the server's banner.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2013-02-27T00:00:00", "type": "nessus", "title": "Apache 2.2.x < 2.2.24 Multiple XSS Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2018-06-29T00:00:00", "cpe": ["cpe:/a:apache:http_server"], "id": "APACHE_2_2_24.NASL", "href": "https://www.tenable.com/plugins/nessus/64912", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64912);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2018/06/29 12:01:03\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\");\n script_bugtraq_id(58165);\n\n script_name(english:\"Apache 2.2.x < 2.2.24 Multiple XSS Vulnerabilities\");\n script_summary(english:\"Checks version in Server response header\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by multiple cross-site scripting\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Apache 2.2.x running on the\nremote host is prior to 2.2.24. It is, therefore, potentially affected\nby the following cross-site scripting vulnerabilities :\n\n - Errors exist related to the modules mod_info,\n mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp\n and unescaped hostnames and URIs that could allow cross-\n site scripting attacks. (CVE-2012-3499)\n\n - An error exists related to the mod_proxy_balancer\n module's manager interface that could allow cross-site\n scripting attacks. (CVE-2012-4558)\n\nNote that Nessus did not actually test for these issues, but instead\nhas relied on the version in the server's banner.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://archive.apache.org/dist/httpd/CHANGES_2.2.24\");\n script_set_attribute(attribute:\"see_also\", value:\"http://httpd.apache.org/security/vulnerabilities_22.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache version 2.2.24 or later. Alternatively, ensure that\nthe affected modules are not in use.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:http_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"apache_http_version.nasl\");\n script_require_keys(\"installed_sw/Apache\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\nget_install_count(app_name:\"Apache\", exit_if_zero:TRUE);\nport = get_http_port(default:80);\ninstall = get_single_install(app_name:\"Apache\", port:port, exit_if_unknown_ver:TRUE);\n\n# Check if we could get a version first, then check if it was\n# backported\nversion = get_kb_item_or_exit('www/apache/'+port+'/version', exit_code:1);\nbackported = get_kb_item_or_exit('www/apache/'+port+'/backported', exit_code:1);\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"Apache web server\");\nsource = get_kb_item_or_exit('www/apache/'+port+'/source', exit_code:1);\n\n# Check if the version looks like either ServerTokens Major/Minor was used.\nif (version =~ '^2(\\\\.2)?$') exit(1, \"The banner from the Apache server listening on port \"+port+\" - \"+source+\" - is not granular enough to make a determination.\");\n\n# This plugin is only concerned with Apache 2.2\nif (version !~ \"^2\\.2[^0-9]\") audit(AUDIT_WRONG_WEB_SERVER, port, \"Apache 2.2.x\");\n\nfixed_ver = '2.2.24';\nif (ver_compare(ver:version, fix:fixed_ver) == -1)\n{\n set_kb_item(name:'www/'+port+'/XSS', value:TRUE);\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_ver + '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"Apache\", port, version);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T18:38:03", "description": "Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.\n\nMultiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : httpd (ALAS-2013-174)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:httpd", "p-cpe:/a:amazon:linux:httpd-debuginfo", "p-cpe:/a:amazon:linux:httpd-devel", "p-cpe:/a:amazon:linux:httpd-manual", "p-cpe:/a:amazon:linux:httpd-tools", "p-cpe:/a:amazon:linux:mod_ssl", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2013-174.NASL", "href": "https://www.tenable.com/plugins/nessus/69733", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-174.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69733);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\");\n script_xref(name:\"ALAS\", value:\"2013-174\");\n\n script_name(english:\"Amazon Linux AMI : httpd (ALAS-2013-174)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple cross-site scripting (XSS) vulnerabilities in the\nbalancer_handler function in the manager interface in\nmod_proxy_balancer.c in the mod_proxy_balancer module in the Apache\nHTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow\nremote attackers to inject arbitrary web script or HTML via a crafted\nstring.\n\nMultiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP\nServer 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote\nattackers to inject arbitrary web script or HTML via vectors involving\nhostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3)\nmod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-174.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update httpd' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"httpd-2.2.24-1.29.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd-debuginfo-2.2.24-1.29.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd-devel-2.2.24-1.29.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd-manual-2.2.24-1.29.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd-tools-2.2.24-1.29.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod_ssl-2.2.24-1.29.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-debuginfo / httpd-devel / httpd-manual / httpd-tools / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-04-12T15:26:20", "description": "According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.4. It is, therefore, affected by the following cross-site scripting vulnerabilities :\n\n - Errors exist related to the modules mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp and unescaped hostnames and URIs that could allow cross- site scripting attacks. (CVE-2012-3499)\n\n - An error exists related to the mod_proxy_balancer module's manager interface that could allow cross-site scripting attacks. (CVE-2012-4558)\n\nNote that Nessus did not actually test for these issues, but instead has relied on the version in the server's banner.", "cvss3": {"score": 5.9, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2013-02-26T00:00:00", "type": "nessus", "title": "Apache 2.4.x < 2.4.4 Multiple XSS Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:apache:http_server"], "id": "APACHE_2_4_4.NASL", "href": "https://www.tenable.com/plugins/nessus/64893", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64893);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\");\n script_bugtraq_id(58165);\n\n script_name(english:\"Apache 2.4.x < 2.4.4 Multiple XSS Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server may be affected by multiple cross-site scripting\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Apache 2.4.x running on the\nremote host is prior to 2.4.4. It is, therefore, affected by the\nfollowing cross-site scripting vulnerabilities :\n\n - Errors exist related to the modules mod_info,\n mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp\n and unescaped hostnames and URIs that could allow cross-\n site scripting attacks. (CVE-2012-3499)\n\n - An error exists related to the mod_proxy_balancer\n module's manager interface that could allow cross-site\n scripting attacks. (CVE-2012-4558)\n\nNote that Nessus did not actually test for these issues, but instead\nhas relied on the version in the server's banner.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://archive.apache.org/dist/httpd/CHANGES_2.4.4\");\n script_set_attribute(attribute:\"see_also\", value:\"http://httpd.apache.org/security/vulnerabilities_24.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache version 2.4.4 or later. Alternatively, ensure that\nthe affected modules are not in use.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4558\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:http_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"apache_http_version.nasl\", \"apache_http_server_nix_installed.nbin\", \"apache_httpd_win_installed.nbin\");\n script_require_keys(\"installed_sw/Apache\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\n\napp_info = vcf::apache_http_server::combined_get_app_info(app:'Apache');\n\nconstraints = [\n { 'min_version' : '2.3.0', 'fixed_version' : '2.4.4' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:55:26", "description": "The remote host is running a Apache HTTP server. Versions earlier than 2.4.4 are vulnerable to the following vulnerabilities :\n\n - Errors exist related to the modules mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp and unescaped hostnames and URIs that could allow cross-site scripting attacks. (CVE-2012-3499)\n\n - An error exists related to the mod_proxy_balancer module's manager interface that could allow cross-site scripting attacks. (CVE-2012-4558)", "cvss3": {"score": null, "vector": null}, "published": "2013-02-27T00:00:00", "type": "nessus", "title": "Apache 2.2 < 2.2.24 Multiple Cross-Site Scripting Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2013-02-27T00:00:00", "cpe": [], "id": "800118.PRM", "href": "https://www.tenable.com/plugins/lce/800118", "sourceData": "Binary data 800118.prm", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:55:26", "description": "The remote host is running a Apache HTTP server. \n\nVersions 2.4.1 to 2.4.3 inclusive are vulnerable to the following vulnerabilities :\n\n - Errors exist related to the modules mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp and unescaped hostnames and URIs that could allow cross-site scripting attacks. (CVE-2012-3499)\n\n - An error exists related to the mod_proxy_balancer module's manager interface that could allow cross-site scripting attacks. (CVE-2012-4558)", "cvss3": {"score": 3.7, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2013-02-27T00:00:00", "type": "nessus", "title": "Apache 2.4.1 to 2.4.3 Multiple Cross-Site Scripting Vulnerabilites", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apache:http_server:2.4:*:*:*:*:*:*:*"], "id": "6700.PRM", "href": "https://www.tenable.com/plugins/nnm/6700", "sourceData": "Binary data 6700.prm", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:55:26", "description": "The remote host is running a Apache HTTP server. \n\nVersions earlier than 2.4.4 are vulnerable to the following vulnerabilities :\n\n - Errors exist related to the modules mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp and unescaped hostnames and URIs that could allow cross-site scripting attacks. (CVE-2012-3499)\n\n - An error exists related to the mod_proxy_balancer module's manager interface that could allow cross-site scripting attacks. (CVE-2012-4558)", "cvss3": {"score": 3.7, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2013-02-27T00:00:00", "type": "nessus", "title": "Apache 2.2 < 2.2.24 Multiple Cross-Site Scripting Vulnerabilites", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*"], "id": "6701.PRM", "href": "https://www.tenable.com/plugins/nnm/6701", "sourceData": "Binary data 6701.prm", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:55:26", "description": "The remote host is running a Apache HTTP server. \n\n Versions earlier than 2.4.4 are vulnerable to the following vulnerabilities :\n\n - Errors exist related to the modules mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp and unescaped hostnames and URIs that could allow cross-site scripting attacks. (CVE-2012-3499)\n\n - An error exists related to the mod_proxy_balancer module's manager interface that could allow cross-site scripting attacks. (CVE-2012-4558)", "cvss3": {"score": null, "vector": null}, "published": "2013-02-27T00:00:00", "type": "nessus", "title": "Apache 2.4 < 2.4.4 Multiple Cross-Site Scripting Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2013-02-27T00:00:00", "cpe": [], "id": "800961.PRM", "href": "https://www.tenable.com/plugins/lce/800961", "sourceData": "Binary data 800961.prm", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T18:37:50", "description": "Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially crafted URL, it would lead to arbitrary web script execution in the context of the user's manager interface session.\n(CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from its log file. If mod_rewrite was configured with the RewriteLog directive, a remote attacker could use specially crafted HTTP requests to inject terminal escape sequences into the mod_rewrite log file. If a victim viewed the log file with a terminal emulator, it could result in arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could possibly use these flaws to perform XSS attacks if they were able to make the victim's browser generate an HTTP request with a specially crafted Host header. (CVE-2012-3499)", "cvss3": {"score": null, "vector": null}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : httpd24 (ALAS-2013-194)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:httpd24", "p-cpe:/a:amazon:linux:httpd24-debuginfo", "p-cpe:/a:amazon:linux:httpd24-devel", "p-cpe:/a:amazon:linux:httpd24-manual", "p-cpe:/a:amazon:linux:httpd24-tools", "p-cpe:/a:amazon:linux:mod24_ldap", "p-cpe:/a:amazon:linux:mod24_proxy_html", "p-cpe:/a:amazon:linux:mod24_session", "p-cpe:/a:amazon:linux:mod24_ssl", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2013-194.NASL", "href": "https://www.tenable.com/plugins/nessus/69752", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-194.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69752);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2013-1862\");\n script_xref(name:\"ALAS\", value:\"2013-194\");\n script_xref(name:\"RHSA\", value:\"2013:0815\");\n\n script_name(english:\"Amazon Linux AMI : httpd24 (ALAS-2013-194)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer\nmodule's manager web interface. If a remote attacker could trick a\nuser, who was logged into the manager web interface, into visiting a\nspecially crafted URL, it would lead to arbitrary web script execution\nin the context of the user's manager interface session.\n(CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences\nfrom its log file. If mod_rewrite was configured with the RewriteLog\ndirective, a remote attacker could use specially crafted HTTP requests\nto inject terminal escape sequences into the mod_rewrite log file. If\na victim viewed the log file with a terminal emulator, it could result\nin arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info,\nmod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An\nattacker could possibly use these flaws to perform XSS attacks if they\nwere able to make the victim's browser generate an HTTP request with a\nspecially crafted Host header. (CVE-2012-3499)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-194.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update httpd24' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd24-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_proxy_html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-2.4.4-2.46.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-debuginfo-2.4.4-2.46.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-devel-2.4.4-2.46.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-manual-2.4.4-2.46.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd24-tools-2.4.4-2.46.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_ldap-2.4.4-2.46.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_proxy_html-2.4.4-2.46.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_session-2.4.4-2.46.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_ssl-2.4.4-2.46.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd24 / httpd24-debuginfo / httpd24-devel / httpd24-manual / etc\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:06:32", "description": "apache2 was updated to fix :\n\n - fix for cross site scripting vulnerability in mod_balancer. This is CVE-2012-4558 [bnc#807152]\n\n - fixes for low profile cross site scripting vulnerabilities, known as CVE-2012-3499 [bnc#806458]\n\n - Escape filename for the case that uploads are allowed with untrusted user's control over filenames and mod_negotiation enabled on the same directory.\n CVE-2012-2687 [bnc#777260]\n\nAnd also these bugs :\n\n- httpd-2.2.x-bnc798733-SNI_ignorecase.diff: ignore case when checking against SNI server names. [bnc#798733]", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : apache2 (openSUSE-SU-2013:0629-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2687", "CVE-2012-3499", "CVE-2012-4558"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2", "p-cpe:/a:novell:opensuse:apache2-debuginfo", "p-cpe:/a:novell:opensuse:apache2-debugsource", "p-cpe:/a:novell:opensuse:apache2-devel", "p-cpe:/a:novell:opensuse:apache2-event", "p-cpe:/a:novell:opensuse:apache2-event-debuginfo", "p-cpe:/a:novell:opensuse:apache2-example-pages", "p-cpe:/a:novell:opensuse:apache2-itk", "p-cpe:/a:novell:opensuse:apache2-itk-debuginfo", "p-cpe:/a:novell:opensuse:apache2-prefork", "p-cpe:/a:novell:opensuse:apache2-prefork-debuginfo", "p-cpe:/a:novell:opensuse:apache2-utils", "p-cpe:/a:novell:opensuse:apache2-utils-debuginfo", "p-cpe:/a:novell:opensuse:apache2-worker", "p-cpe:/a:novell:opensuse:apache2-worker-debuginfo", "cpe:/o:novell:opensuse:12.1", "cpe:/o:novell:opensuse:12.2", "cpe:/o:novell:opensuse:12.3"], "id": "OPENSUSE-2013-308.NASL", "href": "https://www.tenable.com/plugins/nessus/74964", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-308.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74964);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-2687\", \"CVE-2012-3499\", \"CVE-2012-4558\");\n\n script_name(english:\"openSUSE Security Update : apache2 (openSUSE-SU-2013:0629-1)\");\n script_summary(english:\"Check for the openSUSE-2013-308 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"apache2 was updated to fix :\n\n - fix for cross site scripting vulnerability in\n mod_balancer. This is CVE-2012-4558 [bnc#807152]\n\n - fixes for low profile cross site scripting\n vulnerabilities, known as CVE-2012-3499 [bnc#806458]\n\n - Escape filename for the case that uploads are allowed\n with untrusted user's control over filenames and\n mod_negotiation enabled on the same directory.\n CVE-2012-2687 [bnc#777260]\n\nAnd also these bugs :\n\n- httpd-2.2.x-bnc798733-SNI_ignorecase.diff: ignore case when\nchecking against SNI server names. [bnc#798733]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=777260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=798733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=806458\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=807152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-04/msg00046.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-event-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-itk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-itk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-debuginfo-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-debugsource-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-devel-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-event-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-event-debuginfo-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-example-pages-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-itk-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-itk-debuginfo-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-prefork-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-prefork-debuginfo-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-utils-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-utils-debuginfo-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-worker-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-worker-debuginfo-2.2.21-3.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-debuginfo-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-debugsource-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-devel-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-event-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-event-debuginfo-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-example-pages-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-itk-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-itk-debuginfo-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-prefork-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-prefork-debuginfo-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-utils-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-utils-debuginfo-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-worker-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"apache2-worker-debuginfo-2.2.22-4.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-2.2.22-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-debuginfo-2.2.22-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-debugsource-2.2.22-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-devel-2.2.22-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-event-2.2.22-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-event-debuginfo-2.2.22-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-example-pages-2.2.22-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-itk-2.2.22-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-itk-debuginfo-2.2.22-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-prefork-2.2.22-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-prefork-debuginfo-2.2.22-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-utils-2.2.22-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-utils-debuginfo-2.2.22-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-worker-2.2.22-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-worker-debuginfo-2.2.22-10.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T18:37:23", "description": "Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially crafted URL, it would lead to arbitrary web script execution in the context of the user's manager interface session.\n(CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from its log file. If mod_rewrite was configured with the RewriteLog directive, a remote attacker could use specially crafted HTTP requests to inject terminal escape sequences into the mod_rewrite log file. If a victim viewed the log file with a terminal emulator, it could result in arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could possibly use these flaws to perform XSS attacks if they were able to make the victim's browser generate an HTTP request with a specially crafted Host header. (CVE-2012-3499)", "cvss3": {"score": null, "vector": null}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : httpd (ALAS-2013-193)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:httpd", "p-cpe:/a:amazon:linux:httpd-debuginfo", "p-cpe:/a:amazon:linux:httpd-devel", "p-cpe:/a:amazon:linux:httpd-manual", "p-cpe:/a:amazon:linux:httpd-tools", "p-cpe:/a:amazon:linux:mod_ssl", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2013-193.NASL", "href": "https://www.tenable.com/plugins/nessus/69751", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-193.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69751);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2013-1862\");\n script_xref(name:\"ALAS\", value:\"2013-193\");\n script_xref(name:\"RHSA\", value:\"2013:0815\");\n\n script_name(english:\"Amazon Linux AMI : httpd (ALAS-2013-193)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer\nmodule's manager web interface. If a remote attacker could trick a\nuser, who was logged into the manager web interface, into visiting a\nspecially crafted URL, it would lead to arbitrary web script execution\nin the context of the user's manager interface session.\n(CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences\nfrom its log file. If mod_rewrite was configured with the RewriteLog\ndirective, a remote attacker could use specially crafted HTTP requests\nto inject terminal escape sequences into the mod_rewrite log file. If\na victim viewed the log file with a terminal emulator, it could result\nin arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info,\nmod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An\nattacker could possibly use these flaws to perform XSS attacks if they\nwere able to make the victim's browser generate an HTTP request with a\nspecially crafted Host header. (CVE-2012-3499)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-193.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update httpd' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"httpd-2.2.24-2.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd-debuginfo-2.2.24-2.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd-devel-2.2.24-2.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd-manual-2.2.24-2.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"httpd-tools-2.2.24-2.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod_ssl-2.2.24-2.31.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-debuginfo / httpd-devel / httpd-manual / httpd-tools / etc\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T18:26:00", "description": "From Red Hat Security Advisory 2013:0815 :\n\nUpdated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe Apache HTTP Server is a popular web server.\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially crafted URL, it would lead to arbitrary web script execution in the context of the user's manager interface session.\n(CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from its log file. If mod_rewrite was configured with the RewriteLog directive, a remote attacker could use specially crafted HTTP requests to inject terminal escape sequences into the mod_rewrite log file. If a victim viewed the log file with a terminal emulator, it could result in arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could possibly use these flaws to perform XSS attacks if they were able to make the victim's browser generate an HTTP request with a specially crafted Host header. (CVE-2012-3499)\n\nAll httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 / 6 : httpd (ELSA-2013-0815)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:httpd", "p-cpe:/a:oracle:linux:httpd-devel", "p-cpe:/a:oracle:linux:httpd-manual", "p-cpe:/a:oracle:linux:httpd-tools", "p-cpe:/a:oracle:linux:mod_ssl", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2013-0815.NASL", "href": "https://www.tenable.com/plugins/nessus/68819", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0815 and \n# Oracle Linux Security Advisory ELSA-2013-0815 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68819);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2013-1862\");\n script_bugtraq_id(58165);\n script_xref(name:\"RHSA\", value:\"2013:0815\");\n\n script_name(english:\"Oracle Linux 5 / 6 : httpd (ELSA-2013-0815)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0815 :\n\nUpdated httpd packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe Apache HTTP Server is a popular web server.\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer\nmodule's manager web interface. If a remote attacker could trick a\nuser, who was logged into the manager web interface, into visiting a\nspecially crafted URL, it would lead to arbitrary web script execution\nin the context of the user's manager interface session.\n(CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences\nfrom its log file. If mod_rewrite was configured with the RewriteLog\ndirective, a remote attacker could use specially crafted HTTP requests\nto inject terminal escape sequences into the mod_rewrite log file. If\na victim viewed the log file with a terminal emulator, it could result\nin arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info,\nmod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An\nattacker could possibly use these flaws to perform XSS attacks if they\nwere able to make the victim's browser generate an HTTP request with a\nspecially crafted Host header. (CVE-2012-3499)\n\nAll httpd users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-May/003464.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-May/003465.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"httpd-2.2.3-78.0.1.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"httpd-devel-2.2.3-78.0.1.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"httpd-manual-2.2.3-78.0.1.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mod_ssl-2.2.3-78.0.1.el5_9\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"httpd-2.2.15-28.0.1.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"httpd-devel-2.2.15-28.0.1.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"httpd-manual-2.2.15-28.0.1.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"httpd-tools-2.2.15-28.0.1.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mod_ssl-2.2.15-28.0.1.el6_4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / httpd-tools / mod_ssl\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T18:22:05", "description": "Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially- crafted URL, it would lead to arbitrary web script execution in the context of the user's manager interface session.\n(CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from its log file. If mod_rewrite was configured with the RewriteLog directive, a remote attacker could use specially crafted HTTP requests to inject terminal escape sequences into the mod_rewrite log file. If a victim viewed the log file with a terminal emulator, it could result in arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could possibly use these flaws to perform XSS attacks if they were able to make the victim's browser generate an HTTP request with a specially crafted Host header. (CVE-2012-3499)\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2013-05-15T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : httpd on SL5.x, SL6.x i386/x86_64 (20130513)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:httpd", "p-cpe:/a:fermilab:scientific_linux:httpd-debuginfo", "p-cpe:/a:fermilab:scientific_linux:httpd-devel", "p-cpe:/a:fermilab:scientific_linux:httpd-manual", "p-cpe:/a:fermilab:scientific_linux:httpd-tools", "p-cpe:/a:fermilab:scientific_linux:mod_ssl", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20130513_HTTPD_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/66441", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66441);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2013-1862\");\n\n script_name(english:\"Scientific Linux Security Update : httpd on SL5.x, SL6.x i386/x86_64 (20130513)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer\nmodule's manager web interface. If a remote attacker could trick a\nuser, who was logged into the manager web interface, into visiting a\nspecially- crafted URL, it would lead to arbitrary web script\nexecution in the context of the user's manager interface session.\n(CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences\nfrom its log file. If mod_rewrite was configured with the RewriteLog\ndirective, a remote attacker could use specially crafted HTTP requests\nto inject terminal escape sequences into the mod_rewrite log file. If\na victim viewed the log file with a terminal emulator, it could result\nin arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info,\nmod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An\nattacker could possibly use these flaws to perform XSS attacks if they\nwere able to make the victim's browser generate an HTTP request with a\nspecially crafted Host header. (CVE-2012-3499)\n\nAfter installing the updated packages, the httpd daemon will be\nrestarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1305&L=scientific-linux-errata&T=0&P=541\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bad61e30\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:httpd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"httpd-2.2.3-78.sl5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"httpd-debuginfo-2.2.3-78.sl5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"httpd-devel-2.2.3-78.sl5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"httpd-manual-2.2.3-78.sl5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"mod_ssl-2.2.3-78.sl5\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"httpd-2.2.15-28.sl6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"httpd-debuginfo-2.2.15-28.sl6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"httpd-devel-2.2.15-28.sl6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"httpd-manual-2.2.15-28.sl6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"httpd-tools-2.2.15-28.sl6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mod_ssl-2.2.15-28.sl6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-debuginfo / httpd-devel / httpd-manual / httpd-tools / etc\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T18:23:06", "description": "Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe Apache HTTP Server is a popular web server.\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially crafted URL, it would lead to arbitrary web script execution in the context of the user's manager interface session.\n(CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from its log file. If mod_rewrite was configured with the RewriteLog directive, a remote attacker could use specially crafted HTTP requests to inject terminal escape sequences into the mod_rewrite log file. If a victim viewed the log file with a terminal emulator, it could result in arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could possibly use these flaws to perform XSS attacks if they were able to make the victim's browser generate an HTTP request with a specially crafted Host header. (CVE-2012-3499)\n\nAll httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2013-05-14T00:00:00", "type": "nessus", "title": "CentOS 5 / 6 : httpd (CESA-2013:0815)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:httpd", "p-cpe:/a:centos:centos:httpd-devel", "p-cpe:/a:centos:centos:httpd-manual", "p-cpe:/a:centos:centos:httpd-tools", "p-cpe:/a:centos:centos:mod_ssl", "cpe:/o:centos:centos:5", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2013-0815.NASL", "href": "https://www.tenable.com/plugins/nessus/66397", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0815 and \n# CentOS Errata and Security Advisory 2013:0815 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66397);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2013-1862\");\n script_bugtraq_id(58165);\n script_xref(name:\"RHSA\", value:\"2013:0815\");\n\n script_name(english:\"CentOS 5 / 6 : httpd (CESA-2013:0815)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated httpd packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe Apache HTTP Server is a popular web server.\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer\nmodule's manager web interface. If a remote attacker could trick a\nuser, who was logged into the manager web interface, into visiting a\nspecially crafted URL, it would lead to arbitrary web script execution\nin the context of the user's manager interface session.\n(CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences\nfrom its log file. If mod_rewrite was configured with the RewriteLog\ndirective, a remote attacker could use specially crafted HTTP requests\nto inject terminal escape sequences into the mod_rewrite log file. If\na victim viewed the log file with a terminal emulator, it could result\nin arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info,\nmod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An\nattacker could possibly use these flaws to perform XSS attacks if they\nwere able to make the victim's browser generate an HTTP request with a\nspecially crafted Host header. (CVE-2012-3499)\n\nAll httpd users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon will be restarted\nautomatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-May/019720.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?88d564af\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-May/019722.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?26fc001f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-1862\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"httpd-2.2.3-78.el5.centos\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"httpd-devel-2.2.3-78.el5.centos\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"httpd-manual-2.2.3-78.el5.centos\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"mod_ssl-2.2.3-78.el5.centos\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"httpd-2.2.15-28.el6.centos\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"httpd-devel-2.2.15-28.el6.centos\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"httpd-manual-2.2.15-28.el6.centos\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"httpd-tools-2.2.15-28.el6.centos\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mod_ssl-2.2.15-28.el6.centos\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / httpd-tools / mod_ssl\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T18:22:33", "description": "Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe Apache HTTP Server is a popular web server.\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially crafted URL, it would lead to arbitrary web script execution in the context of the user's manager interface session.\n(CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from its log file. If mod_rewrite was configured with the RewriteLog directive, a remote attacker could use specially crafted HTTP requests to inject terminal escape sequences into the mod_rewrite log file. If a victim viewed the log file with a terminal emulator, it could result in arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could possibly use these flaws to perform XSS attacks if they were able to make the victim's browser generate an HTTP request with a specially crafted Host header. (CVE-2012-3499)\n\nAll httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon will be restarted automatically.", "cvss3": {"score": null, "vector": null}, "published": "2013-05-14T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : httpd (RHSA-2013:0815)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-debuginfo", "p-cpe:/a:redhat:enterprise_linux:httpd-devel", "p-cpe:/a:redhat:enterprise_linux:httpd-manual", "p-cpe:/a:redhat:enterprise_linux:httpd-tools", "p-cpe:/a:redhat:enterprise_linux:mod_ssl", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.9", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.4"], "id": "REDHAT-RHSA-2013-0815.NASL", "href": "https://www.tenable.com/plugins/nessus/66403", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0815. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66403);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2013-1862\");\n script_bugtraq_id(58165);\n script_xref(name:\"RHSA\", value:\"2013:0815\");\n\n script_name(english:\"RHEL 5 / 6 : httpd (RHSA-2013:0815)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated httpd packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe Apache HTTP Server is a popular web server.\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer\nmodule's manager web interface. If a remote attacker could trick a\nuser, who was logged into the manager web interface, into visiting a\nspecially crafted URL, it would lead to arbitrary web script execution\nin the context of the user's manager interface session.\n(CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences\nfrom its log file. If mod_rewrite was configured with the RewriteLog\ndirective, a remote attacker could use specially crafted HTTP requests\nto inject terminal escape sequences into the mod_rewrite log file. If\na victim viewed the log file with a terminal emulator, it could result\nin arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info,\nmod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An\nattacker could possibly use these flaws to perform XSS attacks if they\nwere able to make the victim's browser generate an HTTP request with a\nspecially crafted Host header. (CVE-2012-3499)\n\nAll httpd users should upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0815\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1862\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3499\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0815\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-2.2.3-78.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"httpd-2.2.3-78.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-2.2.3-78.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"httpd-debuginfo-2.2.3-78.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"httpd-devel-2.2.3-78.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-manual-2.2.3-78.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"httpd-manual-2.2.3-78.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-manual-2.2.3-78.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"mod_ssl-2.2.3-78.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"mod_ssl-2.2.3-78.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"mod_ssl-2.2.3-78.el5_9\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"httpd-2.2.15-28.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"httpd-2.2.15-28.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-2.2.15-28.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"httpd-debuginfo-2.2.15-28.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"httpd-devel-2.2.15-28.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"httpd-manual-2.2.15-28.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"httpd-tools-2.2.15-28.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"httpd-tools-2.2.15-28.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-tools-2.2.15-28.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"mod_ssl-2.2.15-28.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"mod_ssl-2.2.15-28.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_ssl-2.2.15-28.el6_4\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-debuginfo / httpd-devel / httpd-manual / httpd-tools / etc\");\n }\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:55:41", "description": "Several vulnerabilities have been found in the Apache HTTPD server.\n\n - CVE-2012-3499 The modules mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp did not properly escape hostnames and URIs in HTML output, causing cross site scripting vulnerabilities.\n\n - CVE-2012-4558 Mod_proxy_balancer did not properly escape hostnames and URIs in its balancer-manager interface, causing a cross site scripting vulnerability.\n\n - CVE-2013-1048 Hayawardh Vijayakumar noticed that the apache2ctl script created the lock directory in an unsafe manner, allowing a local attacker to gain elevated privileges via a symlink attack. This is a Debian specific issue.", "cvss3": {"score": null, "vector": null}, "published": "2013-03-05T00:00:00", "type": "nessus", "title": "Debian DSA-2637-1 : apache2 - several issues", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1048"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:apache2", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2637.NASL", "href": "https://www.tenable.com/plugins/nessus/64995", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2637. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64995);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2013-1048\");\n script_bugtraq_id(58165);\n script_xref(name:\"DSA\", value:\"2637\");\n\n script_name(english:\"Debian DSA-2637-1 : apache2 - several issues\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been found in the Apache HTTPD server.\n\n - CVE-2012-3499\n The modules mod_info, mod_status, mod_imagemap,\n mod_ldap, and mod_proxy_ftp did not properly escape\n hostnames and URIs in HTML output, causing cross site\n scripting vulnerabilities.\n\n - CVE-2012-4558\n Mod_proxy_balancer did not properly escape hostnames and\n URIs in its balancer-manager interface, causing a cross\n site scripting vulnerability.\n\n - CVE-2013-1048\n Hayawardh Vijayakumar noticed that the apache2ctl script\n created the lock directory in an unsafe manner, allowing\n a local attacker to gain elevated privileges via a\n symlink attack. This is a Debian specific issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-3499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-4558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-1048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/apache2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2637\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the apache2 packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 2.2.16-6+squeeze11.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"apache2\", reference:\"2.2.16-6+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"apache2-dbg\", reference:\"2.2.16-6+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"apache2-doc\", reference:\"2.2.16-6+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"apache2-mpm-event\", reference:\"2.2.16-6+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"apache2-mpm-itk\", reference:\"2.2.16-6+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"apache2-mpm-prefork\", reference:\"2.2.16-6+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"apache2-mpm-worker\", reference:\"2.2.16-6+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"apache2-prefork-dev\", reference:\"2.2.16-6+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"apache2-suexec\", reference:\"2.2.16-6+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"apache2-suexec-custom\", reference:\"2.2.16-6+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"apache2-threaded-dev\", reference:\"2.2.16-6+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"apache2-utils\", reference:\"2.2.16-6+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"apache2.2-bin\", reference:\"2.2.16-6+squeeze11\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"apache2.2-common\", reference:\"2.2.16-6+squeeze11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:55:47", "description": "Niels Heinen discovered that multiple modules incorrectly sanitized certain strings, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain.\n(CVE-2012-3499, CVE-2012-4558)\n\nIt was discovered that the mod_proxy_ajp module incorrectly handled error states. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. This issue only applied to Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 11.10. (CVE-2012-4557)\n\nIt was discovered that the apache2ctl script shipped in Ubuntu packages incorrectly created the lock directory. A local attacker could possibly use this issue to gain privileges. The symlink protections in Ubuntu 11.10 and later should reduce this vulnerability to a denial of service. (CVE-2013-1048).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-03-19T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : apache2 vulnerabilities (USN-1765-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4557", "CVE-2012-4558", "CVE-2013-1048"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:apache2.2-common", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-1765-1.NASL", "href": "https://www.tenable.com/plugins/nessus/65607", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1765-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65607);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4557\", \"CVE-2012-4558\", \"CVE-2013-1048\");\n script_xref(name:\"USN\", value:\"1765-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : apache2 vulnerabilities (USN-1765-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Niels Heinen discovered that multiple modules incorrectly sanitized\ncertain strings, which could result in browsers becoming vulnerable to\ncross-site scripting attacks when processing the output. With\ncross-site scripting vulnerabilities, if a user were tricked into\nviewing server output during a crafted server request, a remote\nattacker could exploit this to modify the contents, or steal\nconfidential data (such as passwords), within the same domain.\n(CVE-2012-3499, CVE-2012-4558)\n\nIt was discovered that the mod_proxy_ajp module incorrectly handled\nerror states. A remote attacker could use this issue to cause the\nserver to stop responding, resulting in a denial of service. This\nissue only applied to Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu\n11.10. (CVE-2012-4557)\n\nIt was discovered that the apache2ctl script shipped in Ubuntu\npackages incorrectly created the lock directory. A local attacker\ncould possibly use this issue to gain privileges. The symlink\nprotections in Ubuntu 11.10 and later should reduce this vulnerability\nto a denial of service. (CVE-2013-1048).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1765-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2.2-common package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2.2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04|11\\.10|12\\.04|12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04 / 11.10 / 12.04 / 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"apache2.2-common\", pkgver:\"2.2.8-1ubuntu0.25\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"apache2.2-common\", pkgver:\"2.2.14-5ubuntu8.11\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"apache2.2-common\", pkgver:\"2.2.20-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"apache2.2-common\", pkgver:\"2.2.22-1ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"apache2.2-common\", pkgver:\"2.2.22-6ubuntu2.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2.2-common\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:49:42", "description": "Red Hat JBoss Web Server 2.0.1, which fixes multiple security issues and several bugs, is now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRed Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release serves as a replacement for Red Hat JBoss Web Server 2.0.0, and includes several bug fixes. Refer to the Red Hat JBoss Web Server 2.0.1 Release Notes for information on the most significant of these changes, available shortly from https://access.redhat.com/site/documentation/\n\nThe following security issues are also fixed with this release :\n\nCross-site scripting (XSS) flaws were found in the Apache HTTP Server mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially crafted URL, it would lead to arbitrary web script execution in the context of the user's manager interface session. (CVE-2012-4558)\n\nCross-site scripting (XSS) flaws were found in the Apache HTTP Server mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could possibly use these flaws to perform XSS attacks if they were able to make the victim's browser generate an HTTP request with a specially crafted Host header. (CVE-2012-3499)\n\nA session fixation flaw was found in the Tomcat FormAuthenticator module. During a narrow window of time, if a remote attacker sent requests while a user was logging in, it could possibly result in the attacker's requests being processed as if they were sent by the user.\n(CVE-2013-2067)\n\nA denial of service flaw was found in the way the Tomcat chunked transfer encoding input filter processed CRLF sequences. A remote attacker could use this flaw to send an excessively long request, consuming network bandwidth, CPU, and memory on the Tomcat server.\nChunked transfer encoding is enabled by default. (CVE-2012-3544)\n\nA flaw was found in the way the Tomcat 7 asynchronous context implementation performed request management in certain circumstances.\nIf an application used AsyncListeners and threw RuntimeExceptions, Tomcat could send a reply that contains information from a different user's request, possibly leading to the disclosure of sensitive information. This issue only affected Tomcat 7. (CVE-2013-2071)\n\nNote: Do not install Red Hat JBoss Web Server 2 on a host which has Red Hat JBoss Web Server 1 installed.\n\nWarning: Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAll users of Red Hat JBoss Web Server 2.0.0 on Red Hat Enterprise Linux 6 are advised to upgrade to Red Hat JBoss Web Server 2.0.1. The JBoss server process must be restarted for this update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-26T00:00:00", "type": "nessus", "title": "RHEL 6 : JBoss Web Server (RHSA-2013:1012)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-3544", "CVE-2012-4558", "CVE-2013-2067", "CVE-2013-2071"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-eap6", "p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-jsvc-eap6", "p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-jsvc-eap6-debuginfo", "p-cpe:/a:redhat:enterprise_linux:apache-commons-pool-eap6", "p-cpe:/a:redhat:enterprise_linux:apache-commons-pool-tomcat-eap6", "p-cpe:/a:redhat:enterprise_linux:dom4j", "p-cpe:/a:redhat:enterprise_linux:ecj3", "p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-debuginfo", "p-cpe:/a:redhat:enterprise_linux:httpd-devel", "p-cpe:/a:redhat:enterprise_linux:httpd-manual", "p-cpe:/a:redhat:enterprise_linux:httpd-tools", "p-cpe:/a:redhat:enterprise_linux:mod_cluster", "p-cpe:/a:redhat:enterprise_linux:mod_cluster-demo", "p-cpe:/a:redhat:enterprise_linux:mod_cluster-native", "p-cpe:/a:redhat:enterprise_linux:mod_cluster-native-debuginfo", "p-cpe:/a:redhat:enterprise_linux:mod_cluster-tomcat6", "p-cpe:/a:redhat:enterprise_linux:mod_cluster-tomcat7", "p-cpe:/a:redhat:enterprise_linux:mod_jk-ap22", "p-cpe:/a:redhat:enterprise_linux:mod_jk-debuginfo", "p-cpe:/a:redhat:enterprise_linux:mod_jk-manual", "p-cpe:/a:redhat:enterprise_linux:mod_ssl", "p-cpe:/a:redhat:enterprise_linux:tomcat-native", "p-cpe:/a:redhat:enterprise_linux:tomcat-native-debuginfo", "p-cpe:/a:redhat:enterprise_linux:tomcat6", "p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat6-el-1.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat7", "p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat7-el-1.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-1012.NASL", "href": "https://www.tenable.com/plugins/nessus/76238", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1012. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76238);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-3544\", \"CVE-2012-4558\", \"CVE-2013-2067\", \"CVE-2013-2071\");\n script_xref(name:\"RHSA\", value:\"2013:1012\");\n\n script_name(english:\"RHEL 6 : JBoss Web Server (RHSA-2013:1012)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Red Hat JBoss Web Server 2.0.1, which fixes multiple security issues\nand several bugs, is now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRed Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the\nApache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat\nConnector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and\nthe Tomcat Native library.\n\nThis release serves as a replacement for Red Hat JBoss Web Server\n2.0.0, and includes several bug fixes. Refer to the Red Hat JBoss Web\nServer 2.0.1 Release Notes for information on the most significant of\nthese changes, available shortly from\nhttps://access.redhat.com/site/documentation/\n\nThe following security issues are also fixed with this release :\n\nCross-site scripting (XSS) flaws were found in the Apache HTTP Server\nmod_proxy_balancer module's manager web interface. If a remote\nattacker could trick a user, who was logged into the manager web\ninterface, into visiting a specially crafted URL, it would lead to\narbitrary web script execution in the context of the user's manager\ninterface session. (CVE-2012-4558)\n\nCross-site scripting (XSS) flaws were found in the Apache HTTP Server\nmod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp\nmodules. An attacker could possibly use these flaws to perform XSS\nattacks if they were able to make the victim's browser generate an\nHTTP request with a specially crafted Host header. (CVE-2012-3499)\n\nA session fixation flaw was found in the Tomcat FormAuthenticator\nmodule. During a narrow window of time, if a remote attacker sent\nrequests while a user was logging in, it could possibly result in the\nattacker's requests being processed as if they were sent by the user.\n(CVE-2013-2067)\n\nA denial of service flaw was found in the way the Tomcat chunked\ntransfer encoding input filter processed CRLF sequences. A remote\nattacker could use this flaw to send an excessively long request,\nconsuming network bandwidth, CPU, and memory on the Tomcat server.\nChunked transfer encoding is enabled by default. (CVE-2012-3544)\n\nA flaw was found in the way the Tomcat 7 asynchronous context\nimplementation performed request management in certain circumstances.\nIf an application used AsyncListeners and threw RuntimeExceptions,\nTomcat could send a reply that contains information from a different\nuser's request, possibly leading to the disclosure of sensitive\ninformation. This issue only affected Tomcat 7. (CVE-2013-2071)\n\nNote: Do not install Red Hat JBoss Web Server 2 on a host which has\nRed Hat JBoss Web Server 1 installed.\n\nWarning: Before applying the update, back up your existing Red Hat\nJBoss Web Server installation (including all applications and\nconfiguration files).\n\nAll users of Red Hat JBoss Web Server 2.0.0 on Red Hat Enterprise\nLinux 6 are advised to upgrade to Red Hat JBoss Web Server 2.0.1. The\nJBoss server process must be restarted for this update to take effect.\"\n );\n # https://access.redhat.com/site/documentation/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n # https://access.redhat.com/site/documentation/en-US/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-US/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:1012\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3544\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-2067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-2071\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-jsvc-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-jsvc-eap6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-pool-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-pool-tomcat-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dom4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ecj3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster-native-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster-tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster-tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_jk-ap22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_jk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_jk-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-native-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-el-1.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-el-1.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:1012\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"mod_cluster\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss Web Server\");\n\n if (rpm_check(release:\"RHEL6\", reference:\"apache-commons-daemon-eap6-1.0.15-4.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"apache-commons-daemon-jsvc-eap6-1.0.15-1.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"apache-commons-daemon-jsvc-eap6-1.0.15-1.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"apache-commons-daemon-jsvc-eap6-debuginfo-1.0.15-1.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"apache-commons-daemon-jsvc-eap6-debuginfo-1.0.15-1.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"apache-commons-pool-eap6-1.6-6.redhat_4.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"apache-commons-pool-tomcat-eap6-1.6-6.redhat_4.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"dom4j-1.6.1-19.redhat_5.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ecj3-3.7.2-6.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-2.2.22-23.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-2.2.22-23.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-debuginfo-2.2.22-23.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-debuginfo-2.2.22-23.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-devel-2.2.22-23.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-devel-2.2.22-23.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-manual-2.2.22-23.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-manual-2.2.22-23.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-tools-2.2.22-23.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-tools-2.2.22-23.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"mod_cluster-1.2.4-1.Final_redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"mod_cluster-demo-1.2.4-1.Final_redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_cluster-native-1.2.4-1.Final.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_cluster-native-1.2.4-1.Final.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_cluster-native-debuginfo-1.2.4-1.Final.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_cluster-native-debuginfo-1.2.4-1.Final.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"mod_cluster-tomcat6-1.2.4-1.Final_redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"mod_cluster-tomcat7-1.2.4-1.Final_redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_jk-ap22-1.2.37-2.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_jk-ap22-1.2.37-2.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_jk-debuginfo-1.2.37-2.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_jk-debuginfo-1.2.37-2.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_jk-manual-1.2.37-2.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_jk-manual-1.2.37-2.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_ssl-2.2.22-23.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_ssl-2.2.22-23.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"tomcat-native-1.1.27-4.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tomcat-native-1.1.27-4.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"tomcat-native-debuginfo-1.1.27-4.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tomcat-native-debuginfo-1.1.27-4.redhat_1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-6.0.37-10_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-admin-webapps-6.0.37-10_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-docs-webapp-6.0.37-10_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-el-1.0-api-6.0.37-10_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-javadoc-6.0.37-10_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-jsp-2.1-api-6.0.37-10_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-lib-6.0.37-10_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-log4j-6.0.37-10_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-servlet-2.5-api-6.0.37-10_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-webapps-6.0.37-10_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-7.0.40-5_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-admin-webapps-7.0.40-5_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-docs-webapp-7.0.40-5_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-el-1.0-api-7.0.40-5_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-javadoc-7.0.40-5_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-jsp-2.2-api-7.0.40-5_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-lib-7.0.40-5_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-log4j-7.0.40-5_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-servlet-3.0-api-7.0.40-5_patch_01.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-webapps-7.0.40-5_patch_01.ep6.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-daemon-eap6 / apache-commons-daemon-jsvc-eap6 / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:49:30", "description": "Red Hat JBoss Web Server 2.0.1, which fixes multiple security issues and several bugs, is now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRed Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release serves as a replacement for Red Hat JBoss Web Server 2.0.0, and includes several bug fixes. Refer to the Red Hat JBoss Web Server 2.0.1 Release Notes for information on the most significant of these changes, available shortly from https://access.redhat.com/site/documentation/\n\nThe following security issues are also fixed with this release :\n\nCross-site scripting (XSS) flaws were found in the Apache HTTP Server mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially crafted URL, it would lead to arbitrary web script execution in the context of the user's manager interface session. (CVE-2012-4558)\n\nCross-site scripting (XSS) flaws were found in the Apache HTTP Server mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could possibly use these flaws to perform XSS attacks if they were able to make the victim's browser generate an HTTP request with a specially crafted Host header. (CVE-2012-3499)\n\nA session fixation flaw was found in the Tomcat FormAuthenticator module. During a narrow window of time, if a remote attacker sent requests while a user was logging in, it could possibly result in the attacker's requests being processed as if they were sent by the user.\n(CVE-2013-2067)\n\nA denial of service flaw was found in the way the Tomcat chunked transfer encoding input filter processed CRLF sequences. A remote attacker could use this flaw to send an excessively long request, consuming network bandwidth, CPU, and memory on the Tomcat server.\nChunked transfer encoding is enabled by default. (CVE-2012-3544)\n\nA flaw was found in the way the Tomcat 7 asynchronous context implementation performed request management in certain circumstances.\nIf an application used AsyncListeners and threw RuntimeExceptions, Tomcat could send a reply that contains information from a different user's request, possibly leading to the disclosure of sensitive information. This issue only affected Tomcat 7. (CVE-2013-2071)\n\nNote: Do not install Red Hat JBoss Web Server 2 on a host which has Red Hat JBoss Web Server 1 installed.\n\nWarning: Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAll users of Red Hat JBoss Web Server 2.0.0 on Red Hat Enterprise Linux 5 are advised to upgrade to Red Hat JBoss Web Server 2.0.1. The JBoss server process must be restarted for this update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-26T00:00:00", "type": "nessus", "title": "RHEL 5 : JBoss Web Server (RHSA-2013:1011)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-3544", "CVE-2012-4558", "CVE-2013-2067", "CVE-2013-2071"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-eap6", "p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-jsvc-eap6", "p-cpe:/a:redhat:enterprise_linux:apache-commons-pool-eap6", "p-cpe:/a:redhat:enterprise_linux:apache-commons-pool-tomcat-eap6", "p-cpe:/a:redhat:enterprise_linux:dom4j", "p-cpe:/a:redhat:enterprise_linux:ecj3", "p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-devel", "p-cpe:/a:redhat:enterprise_linux:httpd-manual", "p-cpe:/a:redhat:enterprise_linux:httpd-tools", "p-cpe:/a:redhat:enterprise_linux:mod_cluster", "p-cpe:/a:redhat:enterprise_linux:mod_cluster-demo", "p-cpe:/a:redhat:enterprise_linux:mod_cluster-native", "p-cpe:/a:redhat:enterprise_linux:mod_cluster-tomcat6", "p-cpe:/a:redhat:enterprise_linux:mod_cluster-tomcat7", "p-cpe:/a:redhat:enterprise_linux:mod_jk-ap22", "p-cpe:/a:redhat:enterprise_linux:mod_jk-manual", "p-cpe:/a:redhat:enterprise_linux:mod_ssl", "p-cpe:/a:redhat:enterprise_linux:tomcat-native", "p-cpe:/a:redhat:enterprise_linux:tomcat6", "p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat6-el-1.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat7", "p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat7-el-1.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2013-1011.NASL", "href": "https://www.tenable.com/plugins/nessus/76237", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1011. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76237);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-3544\", \"CVE-2012-4558\", \"CVE-2013-2067\", \"CVE-2013-2071\");\n script_xref(name:\"RHSA\", value:\"2013:1011\");\n\n script_name(english:\"RHEL 5 : JBoss Web Server (RHSA-2013:1011)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Red Hat JBoss Web Server 2.0.1, which fixes multiple security issues\nand several bugs, is now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRed Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the\nApache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat\nConnector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and\nthe Tomcat Native library.\n\nThis release serves as a replacement for Red Hat JBoss Web Server\n2.0.0, and includes several bug fixes. Refer to the Red Hat JBoss Web\nServer 2.0.1 Release Notes for information on the most significant of\nthese changes, available shortly from\nhttps://access.redhat.com/site/documentation/\n\nThe following security issues are also fixed with this release :\n\nCross-site scripting (XSS) flaws were found in the Apache HTTP Server\nmod_proxy_balancer module's manager web interface. If a remote\nattacker could trick a user, who was logged into the manager web\ninterface, into visiting a specially crafted URL, it would lead to\narbitrary web script execution in the context of the user's manager\ninterface session. (CVE-2012-4558)\n\nCross-site scripting (XSS) flaws were found in the Apache HTTP Server\nmod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp\nmodules. An attacker could possibly use these flaws to perform XSS\nattacks if they were able to make the victim's browser generate an\nHTTP request with a specially crafted Host header. (CVE-2012-3499)\n\nA session fixation flaw was found in the Tomcat FormAuthenticator\nmodule. During a narrow window of time, if a remote attacker sent\nrequests while a user was logging in, it could possibly result in the\nattacker's requests being processed as if they were sent by the user.\n(CVE-2013-2067)\n\nA denial of service flaw was found in the way the Tomcat chunked\ntransfer encoding input filter processed CRLF sequences. A remote\nattacker could use this flaw to send an excessively long request,\nconsuming network bandwidth, CPU, and memory on the Tomcat server.\nChunked transfer encoding is enabled by default. (CVE-2012-3544)\n\nA flaw was found in the way the Tomcat 7 asynchronous context\nimplementation performed request management in certain circumstances.\nIf an application used AsyncListeners and threw RuntimeExceptions,\nTomcat could send a reply that contains information from a different\nuser's request, possibly leading to the disclosure of sensitive\ninformation. This issue only affected Tomcat 7. (CVE-2013-2071)\n\nNote: Do not install Red Hat JBoss Web Server 2 on a host which has\nRed Hat JBoss Web Server 1 installed.\n\nWarning: Before applying the update, back up your existing Red Hat\nJBoss Web Server installation (including all applications and\nconfiguration files).\n\nAll users of Red Hat JBoss Web Server 2.0.0 on Red Hat Enterprise\nLinux 5 are advised to upgrade to Red Hat JBoss Web Server 2.0.1. The\nJBoss server process must be restarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/site/documentation/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/site/documentation/en-US/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:1011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-2067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3544\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-2071\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-jsvc-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-pool-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-pool-tomcat-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dom4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ecj3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster-tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster-tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_jk-ap22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_jk-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-el-1.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-el-1.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:1011\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"mod_cluster\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss Web Server\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"apache-commons-daemon-eap6-1.0.15-4.redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"apache-commons-daemon-jsvc-eap6-1.0.15-1.redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"apache-commons-daemon-jsvc-eap6-1.0.15-1.redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"apache-commons-pool-eap6-1.6-6.redhat_4.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"apache-commons-pool-tomcat-eap6-1.6-6.redhat_4.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"dom4j-1.6.1-19.redhat_5.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"ecj3-3.7.2-6.redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-2.2.22-23.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-2.2.22-23.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-devel-2.2.22-23.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-devel-2.2.22-23.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-manual-2.2.22-23.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-manual-2.2.22-23.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-tools-2.2.22-23.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-tools-2.2.22-23.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"mod_cluster-1.2.4-1.Final_redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"mod_cluster-demo-1.2.4-1.Final_redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"mod_cluster-native-1.2.4-1.Final.redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"mod_cluster-native-1.2.4-1.Final.redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"mod_cluster-tomcat6-1.2.4-1.Final_redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"mod_cluster-tomcat7-1.2.4-1.Final_redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"mod_jk-ap22-1.2.37-2.redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"mod_jk-ap22-1.2.37-2.redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"mod_jk-manual-1.2.37-2.redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"mod_jk-manual-1.2.37-2.redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"mod_ssl-2.2.22-23.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"mod_ssl-2.2.22-23.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tomcat-native-1.1.27-4.redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tomcat-native-1.1.27-4.redhat_1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-6.0.37-8_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-admin-webapps-6.0.37-8_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-docs-webapp-6.0.37-8_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-el-1.0-api-6.0.37-8_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-javadoc-6.0.37-8_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-jsp-2.1-api-6.0.37-8_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-lib-6.0.37-8_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-log4j-6.0.37-8_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-servlet-2.5-api-6.0.37-8_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-webapps-6.0.37-8_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-7.0.40-9_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-admin-webapps-7.0.40-9_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-docs-webapp-7.0.40-9_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-el-1.0-api-7.0.40-9_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-javadoc-7.0.40-9_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-jsp-2.2-api-7.0.40-9_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-lib-7.0.40-9_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-log4j-7.0.40-9_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-servlet-3.0-api-7.0.40-9_patch_01.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-webapps-7.0.40-9_patch_01.ep6.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-daemon-eap6 / apache-commons-daemon-jsvc-eap6 / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:52:55", "description": "Red Hat JBoss Enterprise Application Platform 6.1.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.\n\nThis release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.1.0, and includes bug fixes and enhancements.\nRefer to the 6.1.1 Release Notes for information on the most significant of these changes, available shortly from https://access.redhat.com/site/documentation/\n\nSecurity fixes :\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could possibly use these flaws to perform XSS attacks if they were able to make the victim's browser generate an HTTP request with a specially crafted Host header. (CVE-2012-3499)\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially crafted URL, it would lead to arbitrary web script execution in the context of the user's manager interface session.\n(CVE-2012-4558)\n\nA flaw was found in the way the mod_dav module handled merge requests.\nAn attacker could use this flaw to send a crafted merge request that contains URIs that are not configured for DAV, causing the httpd child process to crash. (CVE-2013-1896)\n\nA flaw was found in the way Apache Santuario XML Security for Java validated XML signatures. Santuario allowed a signature to specify an arbitrary canonicalization algorithm, which would be applied to the SignedInfo XML fragment. A remote attacker could exploit this to spoof an XML signature via a specially crafted XML signature block.\n(CVE-2013-2172)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from its log file. If mod_rewrite was configured with the RewriteLog directive, a remote attacker could use specially crafted HTTP requests to inject terminal escape sequences into the mod_rewrite log file. If a victim viewed the log file with a terminal emulator, it could result in arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nThe data file used by PicketBox Vault to store encrypted passwords contains a copy of its own admin key. The file is encrypted using only this admin key, not the corresponding JKS key. A local attacker with permission to read the vault data file could read the admin key from the file, and use it to decrypt the file and read the stored passwords in clear text. (CVE-2013-1921)\n\nA flaw was found in JGroup's DiagnosticsHandler that allowed an attacker on an adjacent network to reuse the credentials from a previous successful authentication. This could be exploited to read diagnostic information (information disclosure) and attain limited remote code execution. (CVE-2013-4112)\n\nWarning: Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. Refer to the Solution section for further details.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.1.0 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-13T00:00:00", "type": "nessus", "title": "RHEL 5 : JBoss EAP (RHSA-2013:1207)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-1921", "CVE-2013-2172", "CVE-2013-4112"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apache-commons-beanutils", "p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-jsvc-eap6", "p-cpe:/a:redhat:enterprise_linux:apache-cxf", "p-cpe:/a:redhat:enterprise_linux:apache-cxf-xjc-utils", "p-cpe:/a:redhat:enterprise_linux:cxf-xjc-boolean", "p-cpe:/a:redhat:enterprise_linux:cxf-xjc-dv", "p-cpe:/a:redhat:enterprise_linux:cxf-xjc-ts", "p-cpe:/a:redhat:enterprise_linux:hibernate4", "p-cpe:/a:redhat:enterprise_linux:hibernate4-core", "p-cpe:/a:redhat:enterprise_linux:hibernate4-entitymanager", "p-cpe:/a:redhat:enterprise_linux:hibernate4-envers", "p-cpe:/a:redhat:enterprise_linux:hibernate4-infinispan", "p-cpe:/a:redhat:enterprise_linux:hornetq", "p-cpe:/a:redhat:enterprise_linux:hornetq-native", "p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-devel", "p-cpe:/a:redhat:enterprise_linux:httpd-tools", "p-cpe:/a:redhat:enterprise_linux:infinispan", "p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:infinispan-core", "p-cpe:/a:redhat:enterprise_linux:ironjacamar", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-spec-api", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:jaxbintros", "p-cpe:/a:redhat:enterprise_linux:jboss-aesh", "p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient", "p-cpe:/a:redhat:enterprise_linux:jboss-as-cli", "p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all", "p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering", "p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp", "p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin", "p-cpe:/a:redhat:enterprise_linux:jboss-as-connector", "p-cpe:/a:redhat:enterprise_linux:jboss-as-console", "p-cpe:/a:redhat:enterprise_linux:jboss-as-controller", "p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client", "p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository", "p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner", "p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http", "p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ee", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3", "p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded", "p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77", "p-cpe:/a:redhat:enterprise_linux:jboss-as-logging", "p-cpe:/a:redhat:enterprise_linux:jboss-as-mail", "p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content", "p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging", "p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster", "p-cpe:/a:redhat:enterprise_linux:jboss-as-naming", "p-cpe:/a:redhat:enterprise_linux:jboss-as-network", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service", "p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean", "p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo", "p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller", "p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol", "p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting", "p-cpe:/a:redhat:enterprise_linux:jboss-as-sar", "p-cpe:/a:redhat:enterprise_linux:jboss-as-security", "p-cpe:/a:redhat:enterprise_linux:jboss-as-server", "p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx", "p-cpe:/a:redhat:enterprise_linux:jboss-as-threads", "p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions", "p-cpe:/a:redhat:enterprise_linux:jboss-as-version", "p-cpe:/a:redhat:enterprise_linux:jboss-as-web", "p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices", "p-cpe:/a:redhat:enterprise_linux:jboss-as-weld", "p-cpe:/a:redhat:enterprise_linux:jboss-as-xts", "p-cpe:/a:redhat:enterprise_linux:jboss-ejb-client", "p-cpe:/a:redhat:enterprise_linux:jboss-hal", "p-cpe:/a:redhat:enterprise_linux:jboss-invocation", "p-cpe:/a:redhat:enterprise_linux:jboss-jsp-api_2.2_spec", "p-cpe:/a:redhat:enterprise_linux:jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:jboss-marshalling", "p-cpe:/a:redhat:enterprise_linux:jboss-modules", "p-cpe:/a:redhat:enterprise_linux:jboss-remote-naming", "p-cpe:/a:redhat:enterprise_linux:jboss-security-negotiation", "p-cpe:/a:redhat:enterprise_linux:jboss-stdio", "p-cpe:/a:redhat:enterprise_linux:jbossas-appclient", "p-cpe:/a:redhat:enterprise_linux:jbossas-bundles", "p-cpe:/a:redhat:enterprise_linux:jbossas-core", "p-cpe:/a:redhat:enterprise_linux:jbossas-domain", "p-cpe:/a:redhat:enterprise_linux:jbossas-hornetq-native", "p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs", "p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap", "p-cpe:/a:redhat:enterprise_linux:jbossas-product-eap", "p-cpe:/a:redhat:enterprise_linux:jbossas-standalone", "p-cpe:/a:redhat:enterprise_linux:jbossas-welcome-content-eap", "p-cpe:/a:redhat:enterprise_linux:jbossts", "p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:jbossws-common", "p-cpe:/a:redhat:enterprise_linux:jbossws-cxf", "p-cpe:/a:redhat:enterprise_linux:jbossws-spi", "p-cpe:/a:redhat:enterprise_linux:jcip-annotations-eap6", "p-cpe:/a:redhat:enterprise_linux:jgroups", "p-cpe:/a:redhat:enterprise_linux:log4j-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:mod_ssl", "p-cpe:/a:redhat:enterprise_linux:netty", "p-cpe:/a:redhat:enterprise_linux:opensaml", "p-cpe:/a:redhat:enterprise_linux:openws", "p-cpe:/a:redhat:enterprise_linux:picketbox", "p-cpe:/a:redhat:enterprise_linux:picketlink-federation", "p-cpe:/a:redhat:enterprise_linux:wss4j", "p-cpe:/a:redhat:enterprise_linux:xml-security", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2013-1207.NASL", "href": "https://www.tenable.com/plugins/nessus/69882", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:1207. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69882);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\n \"CVE-2012-3499\",\n \"CVE-2012-4558\",\n \"CVE-2013-1862\",\n \"CVE-2013-1896\",\n \"CVE-2013-1921\",\n \"CVE-2013-2172\",\n \"CVE-2013-4112\"\n );\n script_bugtraq_id(58165, 59826, 60846, 61129, 61179, 62256);\n script_xref(name:\"RHSA\", value:\"2013:1207\");\n\n script_name(english:\"RHEL 5 : JBoss EAP (RHSA-2013:1207)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Red Hat JBoss Enterprise Application Platform 6.1.1, which fixes\nmultiple security issues, various bugs, and adds enhancements, is now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nThis release serves as a replacement for Red Hat JBoss Enterprise\nApplication Platform 6.1.0, and includes bug fixes and enhancements.\nRefer to the 6.1.1 Release Notes for information on the most\nsignificant of these changes, available shortly from\nhttps://access.redhat.com/site/documentation/\n\nSecurity fixes :\n\nCross-site scripting (XSS) flaws were found in the mod_info,\nmod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An\nattacker could possibly use these flaws to perform XSS attacks if they\nwere able to make the victim's browser generate an HTTP request with a\nspecially crafted Host header. (CVE-2012-3499)\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer\nmodule's manager web interface. If a remote attacker could trick a\nuser, who was logged into the manager web interface, into visiting a\nspecially crafted URL, it would lead to arbitrary web script execution\nin the context of the user's manager interface session.\n(CVE-2012-4558)\n\nA flaw was found in the way the mod_dav module handled merge requests.\nAn attacker could use this flaw to send a crafted merge request that\ncontains URIs that are not configured for DAV, causing the httpd child\nprocess to crash. (CVE-2013-1896)\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof\nan XML signature via a specially crafted XML signature block.\n(CVE-2013-2172)\n\nIt was found that mod_rewrite did not filter terminal escape sequences\nfrom its log file. If mod_rewrite was configured with the RewriteLog\ndirective, a remote attacker could use specially crafted HTTP requests\nto inject terminal escape sequences into the mod_rewrite log file. If\na victim viewed the log file with a terminal emulator, it could result\nin arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nThe data file used by PicketBox Vault to store encrypted passwords\ncontains a copy of its own admin key. The file is encrypted using only\nthis admin key, not the corresponding JKS key. A local attacker with\npermission to read the vault data file could read the admin key from\nthe file, and use it to decrypt the file and read the stored passwords\nin clear text. (CVE-2013-1921)\n\nA flaw was found in JGroup's DiagnosticsHandler that allowed an\nattacker on an adjacent network to reuse the credentials from a\nprevious successful authentication. This could be exploited to read\ndiagnostic information (information disclosure) and attain limited\nremote code execution. (CVE-2013-4112)\n\nWarning: Before applying this update, back up your existing Red Hat\nJBoss Enterprise Application Platform installation and deployed\napplications. Refer to the Solution section for further details.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.1.0 on\nRed Hat Enterprise Linux 5 are advised to upgrade to these updated\npackages. The JBoss server process must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2012-3499.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2012-4558.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-1862.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-1896.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-1921.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-2172.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-4112.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/site/documentation/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2013-1207.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-beanutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-jsvc-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-cxf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-cxf-xjc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cxf-xjc-boolean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cxf-xjc-dv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cxf-xjc-ts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hornetq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hornetq-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-spec-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jaxbintros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-aesh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-connector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-logging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-naming\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-sar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-threads\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-version\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-weld\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-xts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-hal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-invocation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-jsp-api_2.2_spec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-marshalling\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-remote-naming\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-security-negotiation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-stdio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-domain\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-hornetq-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-product-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-standalone\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-welcome-content-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-cxf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jcip-annotations-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jgroups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:log4j-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:opensaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:picketbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:picketlink-federation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wss4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xml-security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (!rpm_exists(rpm:\"jboss-as-server\", release:\"RHEL5\")) exit(0, \"Red Hat JBoss EAP is not installed.\");\n\nflag = 0;\nif (rpm_check(release:\"RHEL5\", reference:\"apache-commons-beanutils-1.8.3-12.redhat_3.2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"apache-commons-daemon-jsvc-eap6-1.0.15-2.redhat_2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"apache-commons-daemon-jsvc-eap6-1.0.15-2.redhat_2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"apache-cxf-2.6.8-8.redhat_7.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"apache-cxf-xjc-utils-2.6.0-2.redhat_4.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"cxf-xjc-boolean-2.6.0-2.redhat_4.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"cxf-xjc-dv-2.6.0-2.redhat_4.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"cxf-xjc-ts-2.6.0-2.redhat_4.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"hibernate4-4.2.0-11.SP1_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"hibernate4-core-4.2.0-11.SP1_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"hibernate4-entitymanager-4.2.0-11.SP1_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"hibernate4-envers-4.2.0-11.SP1_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"hibernate4-infinispan-4.2.0-11.SP1_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"hornetq-2.3.5-2.Final_redhat_2.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"hornetq-native-2.3.5-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"hornetq-native-2.3.5-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-2.2.22-25.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-2.2.22-25.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-devel-2.2.22-25.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-devel-2.2.22-25.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"httpd-tools-2.2.22-25.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"httpd-tools-2.2.22-25.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"infinispan-5.2.7-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"infinispan-cachestore-jdbc-5.2.7-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"infinispan-cachestore-remote-5.2.7-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"infinispan-client-hotrod-5.2.7-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"infinispan-core-5.2.7-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"ironjacamar-1.0.19-1.Final_redhat_2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"ironjacamar-common-api-1.0.19-1.Final_redhat_2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"ironjacamar-common-impl-1.0.19-1.Final_redhat_2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"ironjacamar-common-spi-1.0.19-1.Final_redhat_2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"ironjacamar-core-api-1.0.19-1.Final_redhat_2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"ironjacamar-core-impl-1.0.19-1.Final_redhat_2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"ironjacamar-deployers-common-1.0.19-1.Final_redhat_2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"ironjacamar-jdbc-1.0.19-1.Final_redhat_2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"ironjacamar-spec-api-1.0.19-1.Final_redhat_2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"ironjacamar-validator-1.0.19-1.Final_redhat_2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jaxbintros-1.0.2-16.GA_redhat_6.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-aesh-0.33.7-2.redhat_2.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-appclient-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-cli-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-client-all-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-clustering-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-cmp-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-configadmin-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-connector-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-console-1.5.6-2.Final_redhat_2.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-controller-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-controller-client-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-deployment-repository-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-deployment-scanner-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-domain-http-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-domain-management-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-ee-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-ee-deployment-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-ejb3-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-embedded-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-host-controller-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jacorb-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jaxr-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jaxrs-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jdr-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jmx-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jpa-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jsf-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-jsr77-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-logging-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-mail-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-management-client-content-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-messaging-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-modcluster-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-naming-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-network-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-osgi-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-osgi-configadmin-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-osgi-service-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-platform-mbean-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-pojo-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-process-controller-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-protocol-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-remoting-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-sar-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-security-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-server-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-system-jmx-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-threads-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-transactions-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-version-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-web-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-webservices-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-weld-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-as-xts-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-ejb-client-1.0.23-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-hal-1.5.7-1.Final_redhat_1.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-invocation-1.1.2-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-jsp-api_2.2_spec-1.0.1-6.Final_redhat_2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-logmanager-1.4.3-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-marshalling-1.3.18-2.GA_redhat_1.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-modules-1.2.2-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-remote-naming-1.0.7-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-security-negotiation-2.2.5-2.Final_redhat_2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jboss-stdio-1.0.2-1.GA_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jbossas-appclient-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jbossas-bundles-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jbossas-core-7.2.1-6.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jbossas-domain-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jbossas-hornetq-native-2.3.5-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jbossas-hornetq-native-2.3.5-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jbossas-javadocs-7.2.1-2.Final_redhat_10.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jbossas-modules-eap-7.2.1-9.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jbossas-product-eap-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jbossas-standalone-7.2.1-6.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jbossas-welcome-content-eap-7.2.1-5.Final_redhat_10.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jbossts-4.17.7-4.Final_redhat_4.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jbossweb-7.2.2-1.Final_redhat_1.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jbossws-common-2.1.3-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jbossws-cxf-4.1.4-7.Final_redhat_7.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jbossws-spi-2.1.3-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jcip-annotations-eap6-1.0-4.redhat_4.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"jgroups-3.2.10-1.Final_redhat_2.2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"log4j-jboss-logmanager-1.0.2-1.Final_redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"mod_ssl-2.2.22-25.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"mod_ssl-2.2.22-25.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"netty-3.6.6-3.Final_redhat_1.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"opensaml-2.5.1-2.redhat_2.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"openws-1.4.2-10.redhat_4.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"picketbox-4.0.17-3.SP2_redhat_2.1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"picketlink-federation-2.1.6.3-2.Final_redhat_2.2.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"wss4j-1.6.10-1.redhat_1.ep6.el5\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"xml-security-1.5.5-1.redhat_1.ep6.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-13T14:50:30", "description": "The version of JBoss Enterprise Application Platform installed on the remote system is affected by the following issues :\n\n - Flaws in the mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules can allow an attacker to perform cross-site scripting (XSS) attacks.\n (CVE-2012-3499)\n\n - Flaws in the web interface of the mod_proxy_balancer module can allow a remote attacker to perform XSS attacks. (CVE-2012-4558)\n\n - A flaw in mod_rewrite can allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.\n (CVE-2013-1862)\n\n - A flaw in the method by which the mod_dav module handles merge requests can allow an attacker to create a denial of service by sending a crafted merge request that contains URIs that are not configured for DAV.\n (CVE-2013-1896)\n\n - A flaw in PicketBox can allow local users to obtain the admin encryption key by reading the Vault data file.\n (CVE-2013-1921)\n\n - A flaw in Apache Santuario XML Security can allow context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak algorithm. (CVE-2013-2172)\n\n - A flaw in JGroup's DiagnosticsHandler can allow remote attackers to obtain sensitive information and execute arbitrary code by re-using valid credentials.\n (CVE-2013-4112)", "cvss3": {"score": null, "vector": null}, "published": "2014-01-31T00:00:00", "type": "nessus", "title": "JBoss Enterprise Application Platform 6.1.1 Update (RHSA-2013:1209)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-1921", "CVE-2013-2172", "CVE-2013-4112"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:redhat:jboss_enterprise_application_platform:6.1.0"], "id": "REDHAT-RHSA-2013-1209.NASL", "href": "https://www.tenable.com/plugins/nessus/72238", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72238);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2012-3499\",\n \"CVE-2012-4558\",\n \"CVE-2013-1862\",\n \"CVE-2013-1896\",\n \"CVE-2013-1921\",\n \"CVE-2013-2172\",\n \"CVE-2013-4112\"\n );\n script_bugtraq_id(\n 58165,\n 59826,\n 60846,\n 61129,\n 61179,\n 62256\n );\n script_xref(name:\"RHSA\", value:\"2013:1209\");\n\n script_name(english:\"JBoss Enterprise Application Platform 6.1.1 Update (RHSA-2013:1209)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of JBoss Enterprise Application Platform installed on the\nremote system is affected by the following issues :\n\n - Flaws in the mod_info, mod_status, mod_imagemap,\n mod_ldap, and mod_proxy_ftp modules can allow an\n attacker to perform cross-site scripting (XSS) attacks.\n (CVE-2012-3499)\n\n - Flaws in the web interface of the mod_proxy_balancer\n module can allow a remote attacker to perform XSS\n attacks. (CVE-2012-4558)\n\n - A flaw in mod_rewrite can allow remote attackers to\n execute arbitrary commands via an HTTP request\n containing an escape sequence for a terminal emulator.\n (CVE-2013-1862)\n\n - A flaw in the method by which the mod_dav module\n handles merge requests can allow an attacker to create\n a denial of service by sending a crafted merge request\n that contains URIs that are not configured for DAV.\n (CVE-2013-1896)\n\n - A flaw in PicketBox can allow local users to obtain the\n admin encryption key by reading the Vault data file.\n (CVE-2013-1921)\n\n - A flaw in Apache Santuario XML Security can allow\n context-dependent attackers to spoof an XML Signature\n by using the CanonicalizationMethod parameter to\n specify an arbitrary weak algorithm. (CVE-2013-2172)\n\n - A flaw in JGroup's DiagnosticsHandler can allow remote\n attackers to obtain sensitive information and execute\n arbitrary code by re-using valid credentials.\n (CVE-2013-4112)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2012-3499.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2012-4558.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2013-1862.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2013-1896.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2013-1921.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2013-2172.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2013-4112.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the installed JBoss Enterprise Application Platform 6.1.0 to\n6.1.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/02/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:jboss_enterprise_application_platform:6.1.0\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"jboss_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# We are only interested in Red Hat systems\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\n\ninfo = \"\";\njboss = 0;\ninstalls = get_kb_list_or_exit(\"Host/JBoss/EAP\");\nif(!isnull(installs)) jboss = 1;\n\nforeach install (make_list(installs))\n{\n match = eregmatch(string:install, pattern:\"([^:]+):(.*)\");\n\n if (!isnull(match))\n {\n ver = match[1];\n path = match[2];\n\n if (ver =~ \"^6.1.0([^0-9]|$)\")\n {\n info += '\\n' + ' Path : ' + path+ '\\n';\n info += ' Version : ' + ver + '\\n';\n }\n }\n}\n\n# Report what we found.\nif (info)\n{\n set_kb_item(name: 'www/0/XSS', value: TRUE);\n\n if (report_verbosity > 0)\n {\n if (max_index(split(info)) > 3) s = 's of the JBoss Enterprise Application Platform are';\n else s = ' of the JBoss Enterprise Application Platform is';\n\n report =\n '\\n' +\n 'The following instance'+s+' out of date and\\nshould be upgraded to 6.1.1 or later :\\n' +\n info;\n\n security_warning(port:0, extra:report);\n }\n else security_warning(port:0);\n}\nelse if ( (!info) && (jboss) )\n{\n exit(0, \"The JBoss Enterprise Application Platform version installed is not affected.\");\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-08-19T12:53:01", "description": "Red Hat JBoss Enterprise Application Platform 6.1.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.\n\nThis release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.1.0, and includes bug fixes and enhancements.\nRefer to the 6.1.1 Release Notes for information on the most significant of these changes, available shortly from https://access.redhat.com/site/documentation/\n\nSecurity fixes :\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could possibly use these flaws to perform XSS attacks if they were able to make the victim's browser generate an HTTP request with a specially crafted Host header. (CVE-2012-3499)\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially crafted URL, it would lead to arbitrary web script execution in the context of the user's manager interface session.\n(CVE-2012-4558)\n\nA flaw was found in the way the mod_dav module handled merge requests.\nAn attacker could use this flaw to send a crafted merge request that contains URIs that are not configured for DAV, causing the httpd child process to crash. (CVE-2013-1896)\n\nA flaw was found in the way Apache Santuario XML Security for Java validated XML signatures. Santuario allowed a signature to specify an arbitrary canonicalization algorithm, which would be applied to the SignedInfo XML fragment. A remote attacker could exploit this to spoof an XML signature via a specially crafted XML signature block.\n(CVE-2013-2172)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from its log file. If mod_rewrite was configured with the RewriteLog directive, a remote attacker could use specially crafted HTTP requests to inject terminal escape sequences into the mod_rewrite log file. If a victim viewed the log file with a terminal emulator, it could result in arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nThe data file used by PicketBox Vault to store encrypted passwords contains a copy of its own admin key. The file is encrypted using only this admin key, not the corresponding JKS key. A local attacker with permission to read the vault data file could read the admin key from the file, and use it to decrypt the file and read the stored passwords in clear text. (CVE-2013-1921)\n\nA flaw was found in JGroup's DiagnosticsHandler that allowed an attacker on an adjacent network to reuse the credentials from a previous successful authentication. This could be exploited to read diagnostic information (information disclosure) and attain limited remote code execution. (CVE-2013-4112)\n\nWarning: Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. Refer to the Solution section for further details.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.1.0 on Red Hat Enterprise Linux 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-13T00:00:00", "type": "nessus", "title": "RHEL 6 : JBoss EAP (RHSA-2013:1208)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-1921", "CVE-2013-2172", "CVE-2013-4112"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apache-commons-beanutils", "p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-jsvc-eap6", "p-cpe:/a:redhat:enterprise_linux:apache-cxf", "p-cpe:/a:redhat:enterprise_linux:apache-cxf-xjc-utils", "p-cpe:/a:redhat:enterprise_linux:cxf-xjc-boolean", "p-cpe:/a:redhat:enterprise_linux:cxf-xjc-dv", "p-cpe:/a:redhat:enterprise_linux:cxf-xjc-ts", "p-cpe:/a:redhat:enterprise_linux:hibernate4", "p-cpe:/a:redhat:enterprise_linux:hibernate4-core", "p-cpe:/a:redhat:enterprise_linux:hibernate4-entitymanager", "p-cpe:/a:redhat:enterprise_linux:hibernate4-envers", "p-cpe:/a:redhat:enterprise_linux:hibernate4-infinispan", "p-cpe:/a:redhat:enterprise_linux:hornetq", "p-cpe:/a:redhat:enterprise_linux:hornetq-native", "p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-devel", "p-cpe:/a:redhat:enterprise_linux:httpd-tools", "p-cpe:/a:redhat:enterprise_linux:infinispan", "p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-jdbc", "p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-remote", "p-cpe:/a:redhat:enterprise_linux:infinispan-client-hotrod", "p-cpe:/a:redhat:enterprise_linux:infinispan-core", "p-cpe:/a:redhat:enterprise_linux:ironjacamar", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-common-api", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-common-impl", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-common-spi", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-core-api", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-core-impl", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-deployers-common", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-jdbc", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-spec-api", "p-cpe:/a:redhat:enterprise_linux:ironjacamar-validator", "p-cpe:/a:redhat:enterprise_linux:jaxbintros", "p-cpe:/a:redhat:enterprise_linux:jboss-aesh", "p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient", "p-cpe:/a:redhat:enterprise_linux:jboss-as-cli", "p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all", "p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering", "p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp", "p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin", "p-cpe:/a:redhat:enterprise_linux:jboss-as-connector", "p-cpe:/a:redhat:enterprise_linux:jboss-as-console", "p-cpe:/a:redhat:enterprise_linux:jboss-as-controller", "p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client", "p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository", "p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner", "p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http", "p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ee", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment", "p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3", "p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded", "p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf", "p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77", "p-cpe:/a:redhat:enterprise_linux:jboss-as-logging", "p-cpe:/a:redhat:enterprise_linux:jboss-as-mail", "p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content", "p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging", "p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster", "p-cpe:/a:redhat:enterprise_linux:jboss-as-naming", "p-cpe:/a:redhat:enterprise_linux:jboss-as-network", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin", "p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service", "p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean", "p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo", "p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller", "p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol", "p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting", "p-cpe:/a:redhat:enterprise_linux:jboss-as-sar", "p-cpe:/a:redhat:enterprise_linux:jboss-as-security", "p-cpe:/a:redhat:enterprise_linux:jboss-as-server", "p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx", "p-cpe:/a:redhat:enterprise_linux:jboss-as-threads", "p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions", "p-cpe:/a:redhat:enterprise_linux:jboss-as-version", "p-cpe:/a:redhat:enterprise_linux:jboss-as-web", "p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices", "p-cpe:/a:redhat:enterprise_linux:jboss-as-weld", "p-cpe:/a:redhat:enterprise_linux:jboss-as-xts", "p-cpe:/a:redhat:enterprise_linux:jboss-ejb-client", "p-cpe:/a:redhat:enterprise_linux:jboss-hal", "p-cpe:/a:redhat:enterprise_linux:jboss-invocation", "p-cpe:/a:redhat:enterprise_linux:jboss-jsp-api_2.2_spec", "p-cpe:/a:redhat:enterprise_linux:jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:jboss-marshalling", "p-cpe:/a:redhat:enterprise_linux:jboss-modules", "p-cpe:/a:redhat:enterprise_linux:jboss-remote-naming", "p-cpe:/a:redhat:enterprise_linux:jboss-security-negotiation", "p-cpe:/a:redhat:enterprise_linux:jboss-stdio", "p-cpe:/a:redhat:enterprise_linux:jbossas-appclient", "p-cpe:/a:redhat:enterprise_linux:jbossas-bundles", "p-cpe:/a:redhat:enterprise_linux:jbossas-core", "p-cpe:/a:redhat:enterprise_linux:jbossas-domain", "p-cpe:/a:redhat:enterprise_linux:jbossas-hornetq-native", "p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs", "p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap", "p-cpe:/a:redhat:enterprise_linux:jbossas-product-eap", "p-cpe:/a:redhat:enterprise_linux:jbossas-standalone", "p-cpe:/a:redhat:enterprise_linux:jbossas-welcome-content-eap", "p-cpe:/a:redhat:enterprise_linux:jbossts", "p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:jbossws-common", "p-cpe:/a:redhat:enterprise_linux:jbossws-cxf", "p-cpe:/a:redhat:enterprise_linux:jbossws-spi", "p-cpe:/a:redhat:enterprise_linux:jcip-annotations-eap6", "p-cpe:/a:redhat:enterprise_linux:jgroups", "p-cpe:/a:redhat:enterprise_linux:log4j-jboss-logmanager", "p-cpe:/a:redhat:enterprise_linux:mod_ssl", "p-cpe:/a:redhat:enterprise_linux:netty", "p-cpe:/a:redhat:enterprise_linux:opensaml", "p-cpe:/a:redhat:enterprise_linux:openws", "p-cpe:/a:redhat:enterprise_linux:picketbox", "p-cpe:/a:redhat:enterprise_linux:picketlink-federation", "p-cpe:/a:redhat:enterprise_linux:wss4j", "p-cpe:/a:redhat:enterprise_linux:xml-security", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-1208.NASL", "href": "https://www.tenable.com/plugins/nessus/69883", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:1208. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69883);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\n \"CVE-2012-3499\",\n \"CVE-2012-4558\",\n \"CVE-2013-1862\",\n \"CVE-2013-1896\",\n \"CVE-2013-1921\",\n \"CVE-2013-2172\",\n \"CVE-2013-4112\"\n );\n script_bugtraq_id(58165, 59826, 60846, 61129, 61179, 62256);\n script_xref(name:\"RHSA\", value:\"2013:1208\");\n\n script_name(english:\"RHEL 6 : JBoss EAP (RHSA-2013:1208)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Red Hat JBoss Enterprise Application Platform 6.1.1, which fixes\nmultiple security issues, various bugs, and adds enhancements, is now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nThis release serves as a replacement for Red Hat JBoss Enterprise\nApplication Platform 6.1.0, and includes bug fixes and enhancements.\nRefer to the 6.1.1 Release Notes for information on the most\nsignificant of these changes, available shortly from\nhttps://access.redhat.com/site/documentation/\n\nSecurity fixes :\n\nCross-site scripting (XSS) flaws were found in the mod_info,\nmod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An\nattacker could possibly use these flaws to perform XSS attacks if they\nwere able to make the victim's browser generate an HTTP request with a\nspecially crafted Host header. (CVE-2012-3499)\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer\nmodule's manager web interface. If a remote attacker could trick a\nuser, who was logged into the manager web interface, into visiting a\nspecially crafted URL, it would lead to arbitrary web script execution\nin the context of the user's manager interface session.\n(CVE-2012-4558)\n\nA flaw was found in the way the mod_dav module handled merge requests.\nAn attacker could use this flaw to send a crafted merge request that\ncontains URIs that are not configured for DAV, causing the httpd child\nprocess to crash. (CVE-2013-1896)\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof\nan XML signature via a specially crafted XML signature block.\n(CVE-2013-2172)\n\nIt was found that mod_rewrite did not filter terminal escape sequences\nfrom its log file. If mod_rewrite was configured with the RewriteLog\ndirective, a remote attacker could use specially crafted HTTP requests\nto inject terminal escape sequences into the mod_rewrite log file. If\na victim viewed the log file with a terminal emulator, it could result\nin arbitrary command execution with the privileges of that user.\n(CVE-2013-1862)\n\nThe data file used by PicketBox Vault to store encrypted passwords\ncontains a copy of its own admin key. The file is encrypted using only\nthis admin key, not the corresponding JKS key. A local attacker with\npermission to read the vault data file could read the admin key from\nthe file, and use it to decrypt the file and read the stored passwords\nin clear text. (CVE-2013-1921)\n\nA flaw was found in JGroup's DiagnosticsHandler that allowed an\nattacker on an adjacent network to reuse the credentials from a\nprevious successful authentication. This could be exploited to read\ndiagnostic information (information disclosure) and attain limited\nremote code execution. (CVE-2013-4112)\n\nWarning: Before applying this update, back up your existing Red Hat\nJBoss Enterprise Application Platform installation and deployed\napplications. Refer to the Solution section for further details.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.1.0 on\nRed Hat Enterprise Linux 6 are advised to upgrade to these updated\npackages. The JBoss server process must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2012-3499.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2012-4558.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-1862.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-1896.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-1921.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-2172.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2013-4112.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/site/documentation/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2013-1208.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-beanutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-daemon-jsvc-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-cxf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-cxf-xjc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cxf-xjc-boolean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cxf-xjc-dv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cxf-xjc-ts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-entitymanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-envers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hibernate4-infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hornetq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hornetq-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-cachestore-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-client-hotrod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:infinispan-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-common-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-common-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-common-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-core-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-core-impl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-deployers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-spec-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ironjacamar-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jaxbintros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-aesh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-client-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-clustering\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-cmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-configadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-connector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-controller-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-repository\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-deployment-scanner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-http\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-domain-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ee-deployment\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-ejb3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-host-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jacorb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jaxrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jdr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jpa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-jsr77\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-logging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-management-client-content\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-messaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-modcluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-naming\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-configadmin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-osgi-service\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-platform-mbean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-pojo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-process-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-protocol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-remoting\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-sar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-system-jmx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-threads\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-transactions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-version\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-webservices\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-weld\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-as-xts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-ejb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-hal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-invocation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-jsp-api_2.2_spec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-marshalling\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-remote-naming\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-security-negotiation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-stdio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-appclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-domain\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-hornetq-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-javadocs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-modules-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-product-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-standalone\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossas-welcome-content-eap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-cxf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossws-spi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jcip-annotations-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jgroups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:log4j-jboss-logmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:netty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:opensaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:picketbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:picketlink-federation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:wss4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xml-security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (!rpm_exists(rpm:\"jboss-as-server\", release:\"RHEL6\")) exit(0, \"Red Hat JBoss EAP is not installed.\");\n\nflag = 0;\nif (rpm_check(release:\"RHEL6\", reference:\"apache-commons-beanutils-1.8.3-12.redhat_3.2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"apache-commons-daemon-jsvc-eap6-1.0.15-2.redhat_2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"apache-commons-daemon-jsvc-eap6-1.0.15-2.redhat_2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"apache-cxf-2.6.8-8.redhat_7.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"apache-cxf-xjc-utils-2.6.0-2.redhat_4.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"cxf-xjc-boolean-2.6.0-2.redhat_4.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"cxf-xjc-dv-2.6.0-2.redhat_4.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"cxf-xjc-ts-2.6.0-2.redhat_4.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"hibernate4-4.2.0-7.SP1_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"hibernate4-core-4.2.0-7.SP1_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"hibernate4-entitymanager-4.2.0-7.SP1_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"hibernate4-envers-4.2.0-7.SP1_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"hibernate4-infinispan-4.2.0-7.SP1_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"hornetq-2.3.5-2.Final_redhat_2.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"hornetq-native-2.3.5-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"hornetq-native-2.3.5-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-2.2.22-25.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-2.2.22-25.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-devel-2.2.22-25.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-devel-2.2.22-25.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-tools-2.2.22-25.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-tools-2.2.22-25.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"infinispan-5.2.7-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"infinispan-cachestore-jdbc-5.2.7-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"infinispan-cachestore-remote-5.2.7-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"infinispan-client-hotrod-5.2.7-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"infinispan-core-5.2.7-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"ironjacamar-1.0.19-1.Final_redhat_2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"ironjacamar-common-api-1.0.19-1.Final_redhat_2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"ironjacamar-common-impl-1.0.19-1.Final_redhat_2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"ironjacamar-common-spi-1.0.19-1.Final_redhat_2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"ironjacamar-core-api-1.0.19-1.Final_redhat_2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"ironjacamar-core-impl-1.0.19-1.Final_redhat_2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"ironjacamar-deployers-common-1.0.19-1.Final_redhat_2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"ironjacamar-jdbc-1.0.19-1.Final_redhat_2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"ironjacamar-spec-api-1.0.19-1.Final_redhat_2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"ironjacamar-validator-1.0.19-1.Final_redhat_2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jaxbintros-1.0.2-16.GA_redhat_6.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-aesh-0.33.7-2.redhat_2.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-appclient-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-cli-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-client-all-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-clustering-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-cmp-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-configadmin-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-connector-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-console-1.5.6-2.Final_redhat_2.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-controller-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-controller-client-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-deployment-repository-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-deployment-scanner-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-domain-http-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-domain-management-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-ee-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-ee-deployment-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-ejb3-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-embedded-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-host-controller-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jacorb-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jaxr-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jaxrs-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jdr-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jmx-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jpa-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jsf-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-jsr77-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-logging-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-mail-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-management-client-content-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-messaging-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-modcluster-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-naming-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-network-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-osgi-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-osgi-configadmin-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-osgi-service-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-platform-mbean-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-pojo-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-process-controller-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-protocol-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-remoting-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-sar-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-security-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-server-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-system-jmx-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-threads-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-transactions-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-version-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-web-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-webservices-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-weld-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-as-xts-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-ejb-client-1.0.23-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-hal-1.5.7-1.Final_redhat_1.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-invocation-1.1.2-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-jsp-api_2.2_spec-1.0.1-6.Final_redhat_2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-logmanager-1.4.3-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-marshalling-1.3.18-1.GA_redhat_1.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-modules-1.2.2-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-remote-naming-1.0.7-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-security-negotiation-2.2.5-2.Final_redhat_2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jboss-stdio-1.0.2-1.GA_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jbossas-appclient-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jbossas-bundles-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jbossas-core-7.2.1-6.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jbossas-domain-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"jbossas-hornetq-native-2.3.5-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jbossas-hornetq-native-2.3.5-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jbossas-javadocs-7.2.1-2.Final_redhat_10.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jbossas-modules-eap-7.2.1-9.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jbossas-product-eap-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jbossas-standalone-7.2.1-6.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jbossas-welcome-content-eap-7.2.1-5.Final_redhat_10.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jbossts-4.17.7-4.Final_redhat_4.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jbossweb-7.2.2-1.Final_redhat_1.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jbossws-common-2.1.3-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jbossws-cxf-4.1.4-7.Final_redhat_7.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jbossws-spi-2.1.3-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jcip-annotations-eap6-1.0-4.redhat_4.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"jgroups-3.2.10-1.Final_redhat_2.2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"log4j-jboss-logmanager-1.0.2-1.Final_redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_ssl-2.2.22-25.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_ssl-2.2.22-25.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"netty-3.6.6-2.Final_redhat_1.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"opensaml-2.5.1-2.redhat_2.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"openws-1.4.2-10.redhat_4.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"picketbox-4.0.17-3.SP2_redhat_2.1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"picketlink-federation-2.1.6.3-2.Final_redhat_2.2.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"wss4j-1.6.10-1.redhat_1.ep6.el6\")) flag++;\nif (rpm_check(release:\"RHEL6\", reference:\"xml-security-1.5.5-1.redhat_1.ep6.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:52:10", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.\n (CVE-2012-3499)\n\n - mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator. (CVE-2013-1862)\n\n - mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI. (CVE-2013-1896)", "cvss3": {"score": null, "vector": null}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : apache (cve_2013_1896_denial_of)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3499", "CVE-2013-1862", "CVE-2013-1896"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.1", "p-cpe:/a:oracle:solaris:apache"], "id": "SOLARIS11_APACHE_20131015.NASL", "href": "https://www.tenable.com/plugins/nessus/80585", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80585);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-3499\", \"CVE-2013-1862\", \"CVE-2013-1896\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : apache (cve_2013_1896_denial_of)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - Multiple cross-site scripting (XSS) vulnerabilities in\n the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x\n before 2.4.4 allow remote attackers to inject arbitrary\n web script or HTML via vectors involving hostnames and\n URIs in the (1) mod_imagemap, (2) mod_info, (3)\n mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.\n (CVE-2012-3499)\n\n - mod_rewrite.c in the mod_rewrite module in the Apache\n HTTP Server 2.2.x before 2.2.25 writes data to a log\n file without sanitizing non-printable characters, which\n might allow remote attackers to execute arbitrary\n commands via an HTTP request containing an escape\n sequence for a terminal emulator. (CVE-2013-1862)\n\n - mod_dav.c in the Apache HTTP Server before 2.2.25 does\n not properly determine whether DAV is enabled for a URI,\n which allows remote attackers to cause a denial of\n service (segmentation fault) via a MERGE request in\n which the URI is configured for handling by the\n mod_dav_svn module, but a certain href attribute in XML\n data refers to a non-DAV URI. (CVE-2013-1896)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://blogs.oracle.com/sunsecurity/cve-2013-1896-denial-of-service-dos-vulnerability-in-apache-http-server\"\n );\n # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-apache-http-server\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?158e3c7f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.11.4.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:apache\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^apache-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.11.0.4.0\", sru:\"SRU 11.1.11.4.0\") > 0) flag++;\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n error_extra = 'Affected package : apache\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"apache\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-02T15:11:56", "description": "The remote host is running a version of NSM (Network and Security Manager) Server that is prior to 2012.2R9. It is, therefore, affected by multiple vulnerabilities in the bundled version of Apache HTTP Server :\n\n - A flaw exists due to improper escaping of filenames in 406 and 300 HTTP responses. A remote attacker can exploit this, by uploading a file with a specially crafted name, to inject arbitrary HTTP headers or conduct cross-site scripting attacks. (CVE-2008-0456)\n\n - Multiple cross-site scripting vulnerabilities exist in the mod_negotiation module due to improper sanitization of input passed via filenames. An attacker can exploit this to execute arbitrary script code in a user's browser. (CVE-2012-2687)\n\n - Multiple cross-site scripting vulnerabilities exist in the mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules due to improper validation of input passed via the URL or hostnames. An attacker can exploit this to execute arbitrary script code in a user's browser. (CVE-2012-3499)\n\n - A cross-site scripting vulnerability exists in the mod_proxy_balancer module due to improper validation of input passed via the URL or hostnames. An attacker can exploit this to execute arbitrary script code in a user's browser. (CVE-2012-4558)\n\n - A flaw exists in the do_rewritelog() function due to improper sanitization of escape sequences written to log files. A remote attacker can exploit this, via a specially crafted HTTP request, to execute arbitrary commands. (CVE-2013-1862)\n\n - A denial of service vulnerability exists in mod_dav.c due to improper validation to determine if DAV is enabled for a URI. A remote attacker can exploit this, via a specially crafted MERGE request, to cause a segmentation fault, resulting in a denial of service condition. (CVE-2013-1896)\n\n - A denial of service vulnerability exists in the dav_xml_get_cdata() function due to improper removal of whitespace characters from CDATA sections. A remote attacker can exploit this, via a specially crafted DAV WRITE request, to cause a daemon crash, resulting in a denial of service condition. (CVE-2013-6438)\n\n - A flaw exists in log_cookie() function due to the logging of cookies with an unassigned value. A remote attacker can exploit this, via a specially crafted request, to cause a segmentation fault, resulting in a denial of service condition. (CVE-2014-0098)\n\n - A flaw exists in the deflate_in_filter() function when request body decompression is configured. A remote attacker can exploit this, via a specially crafted request, to exhaust available memory and CPU resources, resulting in a denial of service condition.\n (CVE-2014-0118)\n\n - A race condition exists in the mod_status module due to improper validation of user-supplied input when handling the scoreboard. A remote attacker can exploit this, via a crafted request, to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2014-0226)\n\n - A flaw exists in the mod_cgid module due to the lack of a timeout mechanism. A remote attacker can exploit this, via a request to a CGI script that does not read from its stdin file descriptor, to cause a denial of service condition. (CVE-2014-0231)", "cvss3": {"score": null, "vector": null}, "published": "2015-07-20T00:00:00", "type": "nessus", "title": "Juniper NSM < 2012.2R9 Apache HTTP Server Multiple Vulnerabilities (JSA10685)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0456", "CVE-2012-2687", "CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-6438", "CVE-2014-0098", "CVE-2014-0118", "CVE-2014-0226", "CVE-2014-0231"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:juniper:network_and_security_manager"], "id": "JUNIPER_NSM_JSA10685.NASL", "href": "https://www.tenable.com/plugins/nessus/84877", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84877);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2008-0456\",\n \"CVE-2012-2687\",\n \"CVE-2012-3499\",\n \"CVE-2012-4558\",\n \"CVE-2013-1862\",\n \"CVE-2013-1896\",\n \"CVE-2013-6438\",\n \"CVE-2014-0098\",\n \"CVE-2014-0118\",\n \"CVE-2014-0226\",\n \"CVE-2014-0231\"\n );\n script_bugtraq_id(\n 27409,\n 55131,\n 58165,\n 59826,\n 61129,\n 66303,\n 68678,\n 68742,\n 68745\n );\n\n script_name(english:\"Juniper NSM < 2012.2R9 Apache HTTP Server Multiple Vulnerabilities (JSA10685)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of NSM (Network and Security\nManager) Server that is prior to 2012.2R9. It is, therefore, affected\nby multiple vulnerabilities in the bundled version of Apache HTTP\nServer :\n\n - A flaw exists due to improper escaping of filenames in\n 406 and 300 HTTP responses. A remote attacker can\n exploit this, by uploading a file with a specially\n crafted name, to inject arbitrary HTTP headers or\n conduct cross-site scripting attacks. (CVE-2008-0456)\n\n - Multiple cross-site scripting vulnerabilities exist in\n the mod_negotiation module due to improper sanitization\n of input passed via filenames. An attacker can exploit\n this to execute arbitrary script code in a user's\n browser. (CVE-2012-2687)\n\n - Multiple cross-site scripting vulnerabilities exist in\n the mod_info, mod_status, mod_imagemap, mod_ldap, and\n mod_proxy_ftp modules due to improper validation of\n input passed via the URL or hostnames. An attacker can\n exploit this to execute arbitrary script code in a\n user's browser. (CVE-2012-3499)\n\n - A cross-site scripting vulnerability exists in the\n mod_proxy_balancer module due to improper validation of\n input passed via the URL or hostnames. An attacker can\n exploit this to execute arbitrary script code in a\n user's browser. (CVE-2012-4558)\n\n - A flaw exists in the do_rewritelog() function due to\n improper sanitization of escape sequences written to log\n files. A remote attacker can exploit this, via a\n specially crafted HTTP request, to execute arbitrary\n commands. (CVE-2013-1862)\n\n - A denial of service vulnerability exists in mod_dav.c\n due to improper validation to determine if DAV is\n enabled for a URI. A remote attacker can exploit this,\n via a specially crafted MERGE request, to cause a\n segmentation fault, resulting in a denial of service\n condition. (CVE-2013-1896)\n\n - A denial of service vulnerability exists in the\n dav_xml_get_cdata() function\n due to improper removal of whitespace characters from\n CDATA sections. A remote attacker can exploit this,\n via a specially crafted DAV WRITE request, to cause a\n daemon crash, resulting in a denial of service\n condition. (CVE-2013-6438)\n\n - A flaw exists in log_cookie() function due to the\n logging of cookies with an unassigned value. A remote\n attacker can exploit this, via a specially crafted\n request, to cause a segmentation fault, resulting in a\n denial of service condition. (CVE-2014-0098)\n\n - A flaw exists in the deflate_in_filter() function when\n request body decompression is configured. A remote\n attacker can exploit this, via a specially crafted\n request, to exhaust available memory and CPU resources,\n resulting in a denial of service condition.\n (CVE-2014-0118)\n\n - A race condition exists in the mod_status module due to\n improper validation of user-supplied input when handling\n the scoreboard. A remote attacker can exploit this, via\n a crafted request, to cause a heap-based buffer\n overflow, resulting in a denial of service condition or\n the execution of arbitrary code. (CVE-2014-0226)\n\n - A flaw exists in the mod_cgid module due to the lack of\n a timeout mechanism. A remote attacker can exploit this,\n via a request to a CGI script that does not read from\n its stdin file descriptor, to cause a denial of service\n condition. (CVE-2014-0231)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10685\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Juniper NSM version 2012.2R9 or later. Alternatively,\napply Upgrade Package v4.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/01/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/20\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:juniper:network_and_security_manager\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"os_fingerprint.nasl\", \"juniper_nsm_gui_svr_detect.nasl\");\n script_require_keys(\"Juniper_NSM_VerDetected\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"global_settings.inc\");\n\nkb_base = \"Host/NSM/\";\n\n# Since we can't detect the package change remotely this needs to be paranoid.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nget_kb_item_or_exit(\"Juniper_NSM_VerDetected\");\n\nkb_list = make_list();\n\ntemp = get_kb_list(\"Juniper_NSM_GuiSvr/*/build\");\n\nif (!isnull(temp) && max_index(keys(temp)) > 0)\n kb_list = make_list(kb_list, keys(temp));\n\ntemp = get_kb_list(\"Host/NSM/*/build\");\nif (!isnull(temp) && max_index(keys(temp)) > 0)\n kb_list = make_list(kb_list, keys(temp));\n\nif (max_index(kb_list) == 0) audit(AUDIT_NOT_INST, \"Juniper NSM Servers\");\n\nreport = '';\n\nentry = branch(kb_list);\n\nport = 0;\nkb_base = '';\n\nif (\"Juniper_NSM_GuiSvr\" >< entry)\n{\n port = entry - \"Juniper_NSM_GuiSvr/\" - \"/build\";\n kb_base = \"Juniper_NSM_GuiSvr/\" + port + \"/\";\n\n report_str1 = \"Remote GUI server version : \";\n report_str2 = \"Fixed version : \";\n}\nelse\n{\n kb_base = entry - \"build\";\n if (\"guiSvr\" >< kb_base)\n {\n report_str1 = \"Local GUI server version : \";\n report_str2 = \"Fixed version : \";\n }\n else\n {\n report_str1 = \"Local device server version : \";\n report_str2 = \"Fixed version : \";\n }\n}\n\nbuild = get_kb_item_or_exit(entry);\nversion = get_kb_item_or_exit(kb_base + 'version');\n\nversion_disp = version + \" (\" + build + \")\";\n\n# NSM 2012.2R9 or later\n# replace r or R with . for easier version comparison\n# in 2010 and 2011 versions they use S instead of R\nversion_num = ereg_replace(pattern:\"(r|R|s|S)\", replace:\".\", string:version);\n\n# remove trailing . if it exists\nversion_num = ereg_replace(pattern:\"\\.$\", replace:\"\", string:version_num);\n\nfix_disp = \"2012.2R9\";\nfix_num = \"2012.2.9\";\nif (ver_compare(ver:version_num, fix:fix_num, strict:FALSE) < 0)\n{\n set_kb_item(name:'www/'+port+'/XSS', value:TRUE);\n\n if (report_verbosity > 0)\n {\n report = '\\n ' + report_str1 + version_disp +\n '\\n ' + report_str2 + fix_disp +\n '\\n';\n security_warning(extra:report, port:port);\n }\n else security_warning(port:port);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"Juniper NSM\", version_disp);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-02T15:12:47", "description": "The remote host is running a version of NSM (Network and Security Manager) Server that is prior to 2012.2R9. It is, therefore, affected by multiple vulnerabilities in the bundled version of Apache HTTP Server :\n\n - A flaw exists due to improper escaping of filenames in 406 and 300 HTTP responses. A remote attacker can exploit this, by uploading a file with a specially crafted name, to inject arbitrary HTTP headers or conduct cross-site scripting attacks. (CVE-2008-0456)\n\n - Multiple cross-site scripting vulnerabilities exist in the mod_negotiation module due to improper sanitization of input passed via filenames. An attacker can exploit this to execute arbitrary script code in a user's browser. (CVE-2012-2687)\n\n - Multiple cross-site scripting vulnerabilities exist in the mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules due to improper validation of input passed via the URL or hostnames. An attacker can exploit this to execute arbitrary script code in a user's browser. (CVE-2012-3499)\n\n - A cross-site scripting vulnerability exists in the mod_proxy_balancer module due to improper validation of input passed via the URL or hostnames. An attacker can exploit this to execute arbitrary script code in a user's browser. (CVE-2012-4558)\n\n - A flaw exists in the do_rewritelog() function due to improper sanitization of escape sequences written to log files. A remote attacker can exploit this, via a specially crafted HTTP request, to execute arbitrary commands. (CVE-2013-1862)\n\n - A denial of service vulnerability exists in mod_dav.c due to improper validation to determine if DAV is enabled for a URI. A remote attacker can exploit this, via a specially crafted MERGE request, to cause a segmentation fault, resulting in a denial of service condition. (CVE-2013-1896)\n\n - A denial of service vulnerability exists in the dav_xml_get_cdata() function due to improper removal of whitespace characters from CDATA sections. A remote attacker can exploit this, via a specially crafted DAV WRITE request, to cause a daemon crash, resulting in a denial of service condition. (CVE-2013-6438)\n\n - A flaw exists in log_cookie() function due to the logging of cookies with an unassigned value. A remote attacker can exploit this, via a specially crafted request, to cause a segmentation fault, resulting in a denial of service condition. (CVE-2014-0098)\n\n - A flaw exists in the deflate_in_filter() function when request body decompression is configured. A remote attacker can exploit this, via a specially crafted request, to exhaust available memory and CPU resources, resulting in a denial of service condition.\n (CVE-2014-0118)\n\n - A race condition exists in the mod_status module due to improper validation of user-supplied input when handling the scoreboard. A remote attacker can exploit this, via a crafted request, to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2014-0226)\n\n - A flaw exists in the mod_cgid module due to the lack of a timeout mechanism. A remote attacker can exploit this, via a request to a CGI script that does not read from its stdin file descriptor, to cause a denial of service condition. (CVE-2014-0231)", "cvss3": {"score": null, "vector": null}, "published": "2015-07-20T00:00:00", "type": "nessus", "title": "Juniper NSM < 2012.2R9 Apache HTTP Server Multiple Vulnerabilities (JSA10685) (credentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0456", "CVE-2012-2687", "CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-6438", "CVE-2014-0098", "CVE-2014-0118", "CVE-2014-0226", "CVE-2014-0231"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/a:juniper:network_and_security_manager"], "id": "JUNIPER_NSM_JSA10685_CRED.NASL", "href": "https://www.tenable.com/plugins/nessus/84878", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84878);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/07/12 19:01:16\");\n\n script_cve_id(\n \"CVE-2008-0456\",\n \"CVE-2012-2687\",\n \"CVE-2012-3499\",\n \"CVE-2012-4558\",\n \"CVE-2013-1862\",\n \"CVE-2013-1896\",\n \"CVE-2013-6438\",\n \"CVE-2014-0098\",\n \"CVE-2014-0118\",\n \"CVE-2014-0226\",\n \"CVE-2014-0231\"\n );\n script_bugtraq_id(\n 27409,\n 55131,\n 58165,\n 58165,\n 59826,\n 61129,\n 66303,\n 66303,\n 68678,\n 68742,\n 68745\n );\n\n script_name(english:\"Juniper NSM < 2012.2R9 Apache HTTP Server Multiple Vulnerabilities (JSA10685) (credentialed check)\");\n script_summary(english:\"Checks the versions of NSM servers.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of NSM (Network and Security\nManager) Server that is prior to 2012.2R9. It is, therefore, affected\nby multiple vulnerabilities in the bundled version of Apache HTTP\nServer :\n\n - A flaw exists due to improper escaping of filenames in\n 406 and 300 HTTP responses. A remote attacker can\n exploit this, by uploading a file with a specially\n crafted name, to inject arbitrary HTTP headers or\n conduct cross-site scripting attacks. (CVE-2008-0456)\n\n - Multiple cross-site scripting vulnerabilities exist in\n the mod_negotiation module due to improper sanitization\n of input passed via filenames. An attacker can exploit\n this to execute arbitrary script code in a user's\n browser. (CVE-2012-2687)\n\n - Multiple cross-site scripting vulnerabilities exist in\n the mod_info, mod_status, mod_imagemap, mod_ldap, and\n mod_proxy_ftp modules due to improper validation of\n input passed via the URL or hostnames. An attacker can\n exploit this to execute arbitrary script code in a\n user's browser. (CVE-2012-3499)\n\n - A cross-site scripting vulnerability exists in the\n mod_proxy_balancer module due to improper validation of\n input passed via the URL or hostnames. An attacker can\n exploit this to execute arbitrary script code in a\n user's browser. (CVE-2012-4558)\n\n - A flaw exists in the do_rewritelog() function due to\n improper sanitization of escape sequences written to log\n files. A remote attacker can exploit this, via a\n specially crafted HTTP request, to execute arbitrary\n commands. (CVE-2013-1862)\n\n - A denial of service vulnerability exists in mod_dav.c\n due to improper validation to determine if DAV is\n enabled for a URI. A remote attacker can exploit this,\n via a specially crafted MERGE request, to cause a\n segmentation fault, resulting in a denial of service\n condition. (CVE-2013-1896)\n\n - A denial of service vulnerability exists in the\n dav_xml_get_cdata() function\n due to improper removal of whitespace characters from\n CDATA sections. A remote attacker can exploit this,\n via a specially crafted DAV WRITE request, to cause a\n daemon crash, resulting in a denial of service\n condition. (CVE-2013-6438)\n\n - A flaw exists in log_cookie() function due to the\n logging of cookies with an unassigned value. A remote\n attacker can exploit this, via a specially crafted\n request, to cause a segmentation fault, resulting in a\n denial of service condition. (CVE-2014-0098)\n\n - A flaw exists in the deflate_in_filter() function when\n request body decompression is configured. A remote\n attacker can exploit this, via a specially crafted\n request, to exhaust available memory and CPU resources,\n resulting in a denial of service condition.\n (CVE-2014-0118)\n\n - A race condition exists in the mod_status module due to\n improper validation of user-supplied input when handling\n the scoreboard. A remote attacker can exploit this, via\n a crafted request, to cause a heap-based buffer\n overflow, resulting in a denial of service condition or\n the execution of arbitrary code. (CVE-2014-0226)\n\n - A flaw exists in the mod_cgid module due to the lack of\n a timeout mechanism. A remote attacker can exploit this,\n via a request to a CGI script that does not read from\n its stdin file descriptor, to cause a denial of service\n condition. (CVE-2014-0231)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10685\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Juniper NSM version 2012.2R9 or later. Alternatively,\napply Upgrade Package v4.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/01/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:juniper:network_and_security_manager\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"juniper_nsm_servers_installed.nasl\");\n script_require_keys(\"Juniper_NSM_VerDetected\");\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nkb_base = \"Host/NSM/\";\n\nget_kb_item_or_exit(\"Juniper_NSM_VerDetected\");\n\nkb_list = make_list();\n\ntemp = get_kb_list(\"Juniper_NSM_GuiSvr/*/build\");\n\nif (!isnull(temp) && max_index(keys(temp)) > 0)\n kb_list = make_list(kb_list, keys(temp));\n\ntemp = get_kb_list(\"Host/NSM/*/build\");\nif (!isnull(temp) && max_index(keys(temp)) > 0)\n kb_list = make_list(kb_list, keys(temp));\n\nif (max_index(kb_list) == 0) audit(AUDIT_NOT_INST, \"Juniper NSM Servers\");\n\nreport = '';\n\nentry = branch(kb_list);\n\nport = 0;\nkb_base = '';\n\nif (\"Juniper_NSM_GuiSvr\" >< entry)\n{\n port = entry - \"Juniper_NSM_GuiSvr/\" - \"/build\";\n kb_base = \"Juniper_NSM_GuiSvr/\" + port + \"/\";\n\n report_str1 = \"Remote GUI server version : \";\n report_str2 = \"Fixed version : \";\n}\nelse\n{\n kb_base = entry - \"build\";\n if (\"guiSvr\" >< kb_base)\n {\n report_str1 = \"Local GUI server version : \";\n report_str2 = \"Fixed version : \";\n }\n else\n {\n report_str1 = \"Local device server version : \";\n report_str2 = \"Fixed version : \";\n }\n}\n\nbuild = get_kb_item_or_exit(entry);\nversion = get_kb_item_or_exit(kb_base + 'version');\n\nversion_disp = version + \" (\" + build + \")\";\n\n# NSM 2012.2R9 or later\n# replace r or R with . for easier version comparison\n# in 2010 and 2011 versions they use S instead of R\nversion_num = ereg_replace(pattern:\"(r|R|s|S)\", replace:\".\", string:version);\n\n# remove trailing . if it exists\nversion_num = ereg_replace(pattern:\"\\.$\", replace:\"\", string:version_num);\n\nfix_disp = \"2012.2R9\";\nfix_num = \"2012.2.9\";\nif (ver_compare(ver:version_num, fix:fix_num, strict:FALSE) < 0)\n{\n if (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n if (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\n if (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n flag = 0;\n\n if (rpm_check(release:\"CentOS-5\", reference:\"httpd-2.2.3-91.el5.centos\")) flag++;\n if (rpm_check(release:\"CentOS-5\", reference:\"mod_ssl-2.2.3-91.el5.centos\")) flag++;\n\n if (flag)\n {\n set_kb_item(name:'www/'+port+'/XSS', value:TRUE);\n\n if (report_verbosity > 0)\n {\n report = '\\n ' + report_str1 + version_disp +\n '\\n ' + report_str2 + fix_disp +\n '\\n' + rpm_report_get();\n security_warning(extra:report, port:port);\n }\n else security_warning(port:port);\n }\n else audit(AUDIT_INST_VER_NOT_VULN, \"Juniper NSM\", version_disp);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"Juniper NSM\", version_disp);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T15:50:55", "description": "The remote host is running a version of Mac OS X 10.6 or 10.7 that does not have Security Update 2013-004 applied. This update contains several security-related fixes for the following component :\n\n - Apache\n - Bind\n - Certificate Trust Policy\n - ClamAV\n - Installer\n - IPSec\n - Mobile Device Management\n - OpenSSL\n - PHP\n - PostgreSQL\n - QuickTime\n - sudo\n\nNote that successful exploitation of the most serious issues could result in arbitrary code execution.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-13T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2013-004)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0883", "CVE-2012-2686", "CVE-2012-2687", "CVE-2012-3499", "CVE-2012-3817", "CVE-2012-4244", "CVE-2012-4558", "CVE-2012-5166", "CVE-2012-5688", "CVE-2013-0166", "CVE-2013-0169", "CVE-2013-1027", "CVE-2013-1028", "CVE-2013-1030", "CVE-2013-1032", "CVE-2013-1635", "CVE-2013-1643", "CVE-2013-1775", "CVE-2013-1824", "CVE-2013-1899", "CVE-2013-1900", "CVE-2013-1901", "CVE-2013-1902", "CVE-2013-1903", "CVE-2013-2020", "CVE-2013-2021", "CVE-2013-2110", "CVE-2013-2266"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2013-004.NASL", "href": "https://www.tenable.com/plugins/nessus/69878", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(69878);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2012-0883\",\n \"CVE-2012-2686\",\n \"CVE-2012-2687\",\n \"CVE-2012-3499\",\n \"CVE-2012-3817\",\n \"CVE-2012-4244\",\n \"CVE-2012-4558\",\n \"CVE-2012-5166\",\n \"CVE-2012-5688\",\n \"CVE-2013-0166\",\n \"CVE-2013-0169\",\n \"CVE-2013-1027\",\n \"CVE-2013-1028\",\n \"CVE-2013-1030\",\n \"CVE-2013-1032\",\n \"CVE-2013-1635\",\n \"CVE-2013-1643\",\n \"CVE-2013-1775\",\n \"CVE-2013-1824\",\n \"CVE-2013-1899\",\n \"CVE-2013-1900\",\n \"CVE-2013-1901\",\n \"CVE-2013-1902\",\n \"CVE-2013-1903\",\n \"CVE-2013-2020\",\n \"CVE-2013-2021\",\n \"CVE-2013-2110\",\n \"CVE-2013-2266\"\n );\n script_bugtraq_id(\n 53046,\n 54658,\n 55131,\n 55522,\n 55852,\n 56817,\n 57755,\n 57778,\n 58165,\n 58203,\n 58224,\n 58736,\n 58766,\n 58876,\n 58877,\n 58878,\n 58879,\n 58882,\n 59434,\n 60118,\n 60268,\n 60411,\n 62370,\n 62371,\n 62373,\n 62375,\n 62377\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2013-09-12-1\");\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2013-004)\");\n script_summary(english:\"Check for the presence of Security Update 2013-004\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes several\nsecurity issues.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is running a version of Mac OS X 10.6 or 10.7 that\ndoes not have Security Update 2013-004 applied. This update contains\nseveral security-related fixes for the following component :\n\n - Apache\n - Bind\n - Certificate Trust Policy\n - ClamAV\n - Installer\n - IPSec\n - Mobile Device Management\n - OpenSSL\n - PHP\n - PostgreSQL\n - QuickTime\n - sudo\n\nNote that successful exploitation of the most serious issues could\nresult in arbitrary code execution.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5880\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/528594/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Install Security Update 2013-004 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Mac OS X Sudo Password Bypass');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\nif (!ereg(pattern:\"Mac OS X 10\\.[67]([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.6 / 10.7\");\nelse if (\"Mac OS X 10.6\" >< os && !ereg(pattern:\"Mac OS X 10\\.6($|\\.[0-8]([^0-9]|$))\", string:os)) exit(0, \"The remote host uses a version of Mac OS X Snow Leopard later than 10.6.8.\");\nelse if (\"Mac OS X 10.7\" >< os && !ereg(pattern:\"Mac OS X 10\\.7($|\\.[0-5]([^0-9]|$))\", string:os)) exit(0, \"The remote host uses a version of Mac OS X Lion later than 10.7.5.\");\n\n\npackages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\nif (\n egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security(\\.10\\.[6-8]\\..+)?\\.(2013\\.00[4-9]|201[4-9]\\.[0-9]+)(\\.(snowleopard[0-9.]*|lion))?\\.bom\", string:packages)\n) exit(0, \"The host has Security Update 2013-004 or later installed and is therefore not affected.\");\nelse\n{\n set_kb_item(name:\"www/0/XSS\", value:TRUE);\n\n if (report_verbosity > 0)\n {\n security_boms = egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\", string:packages);\n\n report = '\\n Installed security BOMs : ';\n if (security_boms) report += str_replace(find:'\\n', replace:'\\n ', string:security_boms);\n else report += 'n/a';\n report += '\\n';\n\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T15:49:58", "description": "The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.5. The newer version contains multiple security-related fixes for the following components :\n\n - Apache\n - Bind\n - Certificate Trust Policy\n - CoreGraphics\n - ImageIO\n - Installer\n - IPSec\n - Kernel\n - Mobile Device Management\n - OpenSSL\n - PHP\n - PostgreSQL\n - Power Management\n - QuickTime\n - Screen Lock\n - sudo\n\nThis update also addresses an issue in which certain Unicode strings could cause applications to unexpectedly quit.\n\nNote that successful exploitation of the most serious issues could result in arbitrary code execution.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-13T00:00:00", "type": "nessus", "title": "Mac OS X 10.8.x < 10.8.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0883", "CVE-2012-2686", "CVE-2012-2687", "CVE-2012-3499", "CVE-2012-3817", "CVE-2012-4244", "CVE-2012-4558", "CVE-2012-5166", "CVE-2012-5688", "CVE-2013-0166", "CVE-2013-0169", "CVE-2013-1025", "CVE-2013-1026", "CVE-2013-1027", "CVE-2013-1028", "CVE-2013-1029", "CVE-2013-1030", "CVE-2013-1031", "CVE-2013-1032", "CVE-2013-1033", "CVE-2013-1635", "CVE-2013-1643", "CVE-2013-1775", "CVE-2013-1824", "CVE-2013-1899", "CVE-2013-1900", "CVE-2013-1901", "CVE-2013-1902", "CVE-2013-1903", "CVE-2013-2110", "CVE-2013-2266"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_8_5.NASL", "href": "https://www.tenable.com/plugins/nessus/69877", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(69877);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2012-0883\",\n \"CVE-2012-2686\",\n \"CVE-2012-2687\",\n \"CVE-2012-3499\",\n \"CVE-2012-3817\",\n \"CVE-2012-4244\",\n \"CVE-2012-4558\",\n \"CVE-2012-5166\",\n \"CVE-2012-5688\",\n \"CVE-2013-0166\",\n \"CVE-2013-0169\",\n \"CVE-2013-1025\",\n \"CVE-2013-1026\",\n \"CVE-2013-1027\",\n \"CVE-2013-1028\",\n \"CVE-2013-1029\",\n \"CVE-2013-1030\",\n \"CVE-2013-1031\",\n \"CVE-2013-1032\",\n \"CVE-2013-1033\",\n \"CVE-2013-1635\",\n \"CVE-2013-1643\",\n \"CVE-2013-1775\",\n \"CVE-2013-1824\",\n \"CVE-2013-1899\",\n \"CVE-2013-1900\",\n \"CVE-2013-1901\",\n \"CVE-2013-1902\",\n \"CVE-2013-1903\",\n \"CVE-2013-2110\",\n \"CVE-2013-2266\"\n );\n script_bugtraq_id(\n 53046,\n 54658,\n 55131,\n 55522,\n 55852,\n 56817,\n 57755,\n 57778,\n 58165,\n 58203,\n 58224,\n 58736,\n 58766,\n 58876,\n 58877,\n 58878,\n 58879,\n 58882,\n 60268,\n 60411,\n 62368,\n 62369,\n 62370,\n 62371,\n 62373,\n 62374,\n 62375,\n 62377,\n 62378,\n 62381,\n 62382\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2013-09-12-1\");\n\n script_name(english:\"Mac OS X 10.8.x < 10.8.5 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Mac OS X\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes several\nsecurity issues.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is running a version of Mac OS X 10.8.x that is prior\nto 10.8.5. The newer version contains multiple security-related fixes\nfor the following components :\n\n - Apache\n - Bind\n - Certificate Trust Policy\n - CoreGraphics\n - ImageIO\n - Installer\n - IPSec\n - Kernel\n - Mobile Device Management\n - OpenSSL\n - PHP\n - PostgreSQL\n - Power Management\n - QuickTime\n - Screen Lock\n - sudo\n\nThis update also addresses an issue in which certain Unicode strings\ncould cause applications to unexpectedly quit.\n\nNote that successful exploitation of the most serious issues could\nresult in arbitrary code execution.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5880\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/528594/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Mac OS X 10.8.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Mac OS X Sudo Password Bypass');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n\nif (ereg(pattern:\"Mac OS X 10\\.8($|\\.[0-4]([^0-9]|$))\", string:os))\n{\n set_kb_item(name:\"www/0/XSS\", value:TRUE);\n\n security_hole(0);\n}\nelse exit(0, \"The host is not affected as it is running \"+os+\".\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:52:45", "description": "The remote host is missing Mac OS X security update 2013-004 that fixes multiple security issues. \n\nThe remote host is running a version of Mac OS X 10.8 that is older than 10.8.5. The newer version contains numerous security-related fixes for the following components :\n\n - Apache\n - Bind\n - Certificate Trust Policy\n - CoreGraphics\n - ImageIO\n - Installer\n - IPSec\n - Kernel\n - Mobile Device Management\n - OpenSSL\n - PHP\n - PostgreSQL\n - Power Management\n - QuickTime\n - Screen Lock\n - sudo\n\n This update also addresses an issue in which certain Unicode strings could cause applications to unexpectedly quit.\n\n Note that successful exploitation of the most serious issues could result in arbitrary code execution.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2013-09-16T00:00:00", "type": "nessus", "title": "Mac OS X 10.8 < 10.8.5 Multiple Vulnerabilities (Security Update 2013-004)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1775", "CVE-2012-4244", "CVE-2012-5166", "CVE-2013-0169", "CVE-2012-5688", "CVE-2013-0166", "CVE-2012-2687", "CVE-2013-1900", "CVE-2012-3817", "CVE-2012-3499", "CVE-2012-4558", "CVE-2013-2266", "CVE-2013-1643", "CVE-2012-2686", "CVE-2013-1899", "CVE-2013-1901", "CVE-2013-2110", "CVE-2012-0883", "CVE-2013-1635", "CVE-2013-1824", "CVE-2013-1032", "CVE-2013-5163", "CVE-2013-1031", "CVE-2013-1026", "CVE-2013-1027", "CVE-2013-1033", "CVE-2013-1028", "CVE-2013-1025", "CVE-2013-1903", "CVE-2013-1902", "CVE-2013-1030", "CVE-2013-1029"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "8008.PRM", "href": "https://www.tenable.com/plugins/nnm/8008", "sourceData": "Binary data 8008.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:33", "description": "\n\nApache HTTP SERVER PROJECT reports:\n\nlow: XSS due to unescaped hostnames CVE-2012-3499\nVarious XSS flaws due to unescaped hostnames and URIs HTML output in\n\t mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.\nmoderate: XSS in mod_proxy_balancer CVE-2012-4558\nA XSS flaw affected the mod_proxy_balancer manager interface.\n\n\n", "cvss3": {}, "published": "2012-10-07T00:00:00", "type": "freebsd", "title": "apache22 -- several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2012-10-07T00:00:00", "id": "9C88D8A8-8372-11E2-A010-20CF30E32F6D", "href": "https://vuxml.freebsd.org/freebsd/9c88d8a8-8372-11e2-a010-20cf30e32f6d.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "amazon": [{"lastseen": "2021-07-25T19:33:12", "description": "**Issue Overview:**\n\nMultiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string. \n\nMultiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules. \n\n \n**Affected Packages:** \n\n\nhttpd\n\n \n**Issue Correction:** \nRun _yum update httpd_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 mod_ssl-2.2.24-1.29.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd-debuginfo-2.2.24-1.29.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd-devel-2.2.24-1.29.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd-tools-2.2.24-1.29.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd-2.2.24-1.29.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 httpd-manual-2.2.24-1.29.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 httpd-2.2.24-1.29.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 httpd-2.2.24-1.29.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd-tools-2.2.24-1.29.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd-debuginfo-2.2.24-1.29.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod_ssl-2.2.24-1.29.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd-devel-2.2.24-1.29.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {}, "published": "2013-03-26T21:25:00", "type": "amazon", "title": "Medium: httpd", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2014-09-15T22:43:00", "id": "ALAS-2013-174", "href": "https://alas.aws.amazon.com/ALAS-2013-174.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-25T19:33:11", "description": "**Issue Overview:**\n\nMultiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string. \n\nMultiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules. \n\n \n**Affected Packages:** \n\n\nhttpd24\n\n \n**Issue Correction:** \nRun _yum update httpd24_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 mod24_proxy_html-2.4.4-2.41.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd24-tools-2.4.4-2.41.amzn1.i686 \n \u00a0\u00a0\u00a0 mod24_ldap-2.4.4-2.41.amzn1.i686 \n \u00a0\u00a0\u00a0 mod24_ssl-2.4.4-2.41.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd24-devel-2.4.4-2.41.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd24-2.4.4-2.41.amzn1.i686 \n \u00a0\u00a0\u00a0 mod24_session-2.4.4-2.41.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd24-debuginfo-2.4.4-2.41.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 httpd24-manual-2.4.4-2.41.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 httpd24-2.4.4-2.41.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 mod24_ssl-2.4.4-2.41.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod24_proxy_html-2.4.4-2.41.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod24_session-2.4.4-2.41.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd24-tools-2.4.4-2.41.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod24_ldap-2.4.4-2.41.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd24-2.4.4-2.41.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd24-debuginfo-2.4.4-2.41.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd24-devel-2.4.4-2.41.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {}, "published": "2013-03-26T21:29:00", "type": "amazon", "title": "Medium: httpd24", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558"], "modified": "2014-09-15T22:43:00", "id": "ALAS-2013-175", "href": "https://alas.aws.amazon.com/ALAS-2013-175.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-25T19:33:01", "description": "**Issue Overview:**\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user's manager interface session. (CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from its log file. If mod_rewrite was configured with the RewriteLog directive, a remote attacker could use specially-crafted HTTP requests to inject terminal escape sequences into the mod_rewrite log file. If a victim viewed the log file with a terminal emulator, it could result in arbitrary command execution with the privileges of that user. (CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could possibly use these flaws to perform XSS attacks if they were able to make the victim's browser generate an HTTP request with a specially-crafted Host header. (CVE-2012-3499)\n\n \n**Affected Packages:** \n\n\nhttpd\n\n \n**Issue Correction:** \nRun _yum update httpd_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 httpd-debuginfo-2.2.24-2.31.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd-2.2.24-2.31.amzn1.i686 \n \u00a0\u00a0\u00a0 mod_ssl-2.2.24-2.31.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd-tools-2.2.24-2.31.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd-devel-2.2.24-2.31.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 httpd-manual-2.2.24-2.31.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 httpd-2.2.24-2.31.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 httpd-devel-2.2.24-2.31.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod_ssl-2.2.24-2.31.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd-debuginfo-2.2.24-2.31.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd-2.2.24-2.31.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd-tools-2.2.24-2.31.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {}, "published": "2013-05-24T13:56:00", "type": "amazon", "title": "Medium: httpd", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862"], "modified": "2014-09-15T23:06:00", "id": "ALAS-2013-193", "href": "https://alas.aws.amazon.com/ALAS-2013-193.html", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-25T19:33:01", "description": "**Issue Overview:**\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user's manager interface session. (CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from its log file. If mod_rewrite was configured with the RewriteLog directive, a remote attacker could use specially-crafted HTTP requests to inject terminal escape sequences into the mod_rewrite log file. If a victim viewed the log file with a terminal emulator, it could result in arbitrary command execution with the privileges of that user. (CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could possibly use these flaws to perform XSS attacks if they were able to make the victim's browser generate an HTTP request with a specially-crafted Host header. (CVE-2012-3499)\n\n \n**Affected Packages:** \n\n\nhttpd24\n\n \n**Issue Correction:** \nRun _yum update httpd24_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 httpd24-devel-2.4.4-2.46.amzn1.i686 \n \u00a0\u00a0\u00a0 mod24_ldap-2.4.4-2.46.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd24-debuginfo-2.4.4-2.46.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd24-2.4.4-2.46.amzn1.i686 \n \u00a0\u00a0\u00a0 mod24_session-2.4.4-2.46.amzn1.i686 \n \u00a0\u00a0\u00a0 mod24_proxy_html-2.4.4-2.46.amzn1.i686 \n \u00a0\u00a0\u00a0 httpd24-tools-2.4.4-2.46.amzn1.i686 \n \u00a0\u00a0\u00a0 mod24_ssl-2.4.4-2.46.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 httpd24-manual-2.4.4-2.46.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 httpd24-2.4.4-2.46.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 mod24_proxy_html-2.4.4-2.46.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd24-tools-2.4.4-2.46.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd24-2.4.4-2.46.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod24_ssl-2.4.4-2.46.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod24_session-2.4.4-2.46.amzn1.x86_64 \n \u00a0\u00a0\u00a0 mod24_ldap-2.4.4-2.46.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd24-devel-2.4.4-2.46.amzn1.x86_64 \n \u00a0\u00a0\u00a0 httpd24-debuginfo-2.4.4-2.46.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {}, "published": "2013-05-24T13:57:00", "type": "amazon", "title": "Medium: httpd24", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862"], "modified": "2014-09-15T23:07:00", "id": "ALAS-2013-194", "href": "https://alas.aws.amazon.com/ALAS-2013-194.html", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2018-01-19T15:09:07", "description": "Check for the Version of httpd", "cvss3": {}, "published": "2013-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for httpd FEDORA-2013-4541", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2012-3499"], "modified": "2018-01-19T00:00:00", "id": "OPENVAS:865511", "href": "http://plugins.openvas.org/nasl.php?oid=865511", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for httpd FEDORA-2013-4541\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"httpd on Fedora 18\";\ntag_insight = \"The Apache HTTP Server is a powerful, efficient, and extensible\n web server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html\");\n script_id(865511);\n script_version(\"$Revision: 8466 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 07:58:30 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-02 12:24:16 +0530 (Tue, 02 Apr 2013)\");\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2013-4541\");\n script_name(\"Fedora Update for httpd FEDORA-2013-4541\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.4.4~2.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-03-17T23:02:06", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2013-174)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2012-3499"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120558", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120558", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120558\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:29:34 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2013-174)\");\n script_tag(name:\"insight\", value:\"Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string. Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.\");\n script_tag(name:\"solution\", value:\"Run yum update httpd to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-174.html\");\n script_cve_id(\"CVE-2012-4558\", \"CVE-2012-3499\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.24~1.29.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.24~1.29.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.24~1.29.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.2.24~1.29.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.24~1.29.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-17T23:02:05", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2013-175)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2012-3499"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120559", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120559", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120559\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:29:35 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2013-175)\");\n script_tag(name:\"insight\", value:\"Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string. Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.\");\n script_tag(name:\"solution\", value:\"Run yum update httpd24 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-175.html\");\n script_cve_id(\"CVE-2012-4558\", \"CVE-2012-3499\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"mod24_proxy_html\", rpm:\"mod24_proxy_html~2.4.4~2.41.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd24-tools\", rpm:\"httpd24-tools~2.4.4~2.41.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod24_ldap\", rpm:\"mod24_ldap~2.4.4~2.41.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod24_ssl\", rpm:\"mod24_ssl~2.4.4~2.41.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd24-devel\", rpm:\"httpd24-devel~2.4.4~2.41.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd24\", rpm:\"httpd24~2.4.4~2.41.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod24_session\", rpm:\"mod24_session~2.4.4~2.41.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd24-manual\", rpm:\"httpd24-manual~2.4.4~2.41.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for httpd FEDORA-2013-4541", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2012-3499"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865511", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865511", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for httpd FEDORA-2013-4541\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865511\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-02 12:24:16 +0530 (Tue, 02 Apr 2013)\");\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2013-4541\");\n script_name(\"Fedora Update for httpd FEDORA-2013-4541\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'httpd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"httpd on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.4.4~2.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:26", "description": "Several vulnerabilities have been found in the Apache HTTPD server.\n\nCVE-2012-3499\nThe modules mod_info, mod_status, mod_imagemap, mod_ldap, and\nmod_proxy_ftp did not properly escape hostnames and URIs in\nHTML output, causing cross site scripting vulnerabilities.\n\nCVE-2012-4558\nMod_proxy_balancer did not properly escape hostnames and URIs\nin its balancer-manager interface, causing a cross site scripting\nvulnerability.\n\nCVE-2013-1048\nHayawardh Vijayakumar noticed that the apache2ctl script created\nthe lock directory in an unsafe manner, allowing a local attacker\nto gain elevated privileges via a symlink attack. This is a Debian\nspecific issue.", "cvss3": {}, "published": "2013-03-04T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2637-1 (apache2 - several issues)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2013-1048", "CVE-2012-3499"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310892637", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892637", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2637.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2637-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892637\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2013-1048\", \"CVE-2012-3499\", \"CVE-2012-4558\");\n script_name(\"Debian Security Advisory DSA 2637-1 (apache2 - several issues)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-04 00:00:00 +0100 (Mon, 04 Mar 2013)\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2637.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_tag(name:\"affected\", value:\"apache2 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (squeeze), these problems have been fixed in\nversion 2.2.16-6+squeeze11.\n\nFor the testing distribution (wheezy), these problems will be fixed in\nversion 2.2.22-13.\n\nFor the unstable distribution (sid), these problems will be fixed in\nversion 2.2.22-13.\n\nWe recommend that you upgrade your apache2 packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been found in the Apache HTTPD server.\n\nCVE-2012-3499\nThe modules mod_info, mod_status, mod_imagemap, mod_ldap, and\nmod_proxy_ftp did not properly escape hostnames and URIs in\nHTML output, causing cross site scripting vulnerabilities.\n\nCVE-2012-4558\nMod_proxy_balancer did not properly escape hostnames and URIs\nin its balancer-manager interface, causing a cross site scripting\nvulnerability.\n\nCVE-2013-1048\nHayawardh Vijayakumar noticed that the apache2ctl script created\nthe lock directory in an unsafe manner, allowing a local attacker\nto gain elevated privileges via a symlink attack. This is a Debian\nspecific issue.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-dbg\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-mpm-itk\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2.2-bin\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.22-13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-dbg\", ver:\"2.2.22-13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.22-13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.22-13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-mpm-itk\", ver:\"2.2.22-13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.22-13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.22-13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.22-13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.22-13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.22-13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.22-13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.22-13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2.2-bin\", ver:\"2.2.22-13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.22-13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T23:02:12", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2013-193)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2013-1862", "CVE-2012-3499"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120096", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120096", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120096\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:19 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2013-193)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in Apache HTTP server. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update httpd to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-193.html\");\n script_cve_id(\"CVE-2012-4558\", \"CVE-2013-1862\", \"CVE-2012-3499\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.24~2.31.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.24~2.31.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.24~2.31.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.2.24~2.31.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.24~2.31.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-05-17T00:00:00", "type": "openvas", "title": "CentOS Update for httpd CESA-2013:0815 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2013-1862", "CVE-2012-3499"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881727", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881727", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for httpd CESA-2013:0815 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881727\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-17 09:51:50 +0530 (Fri, 17 May 2013)\");\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2013-1862\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for httpd CESA-2013:0815 centos6\");\n\n script_xref(name:\"CESA\", value:\"2013:0815\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-May/019722.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'httpd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"httpd on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The Apache HTTP Server is a popular web server.\n\n Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer\n module's manager web interface. If a remote attacker could trick a user,\n who was logged into the manager web interface, into visiting a\n specially-crafted URL, it would lead to arbitrary web script execution in\n the context of the user's manager interface session. (CVE-2012-4558)\n\n It was found that mod_rewrite did not filter terminal escape sequences from\n its log file. If mod_rewrite was configured with the RewriteLog directive,\n a remote attacker could use specially-crafted HTTP requests to inject\n terminal escape sequences into the mod_rewrite log file. If a victim viewed\n the log file with a terminal emulator, it could result in arbitrary command\n execution with the privileges of that user. (CVE-2013-1862)\n\n Cross-site scripting (XSS) flaws were found in the mod_info, mod_status,\n mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could\n possibly use these flaws to perform XSS attacks if they were able to make\n the victim's browser generate an HTTP request with a specially-crafted Host\n header. (CVE-2012-3499)\n\n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. After installing the updated\n packages, the httpd daemon will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.15~28.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.15~28.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.15~28.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.2.15~28.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.15~28.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-22T13:09:59", "description": "Check for the Version of httpd", "cvss3": {}, "published": "2013-05-17T00:00:00", "type": "openvas", "title": "RedHat Update for httpd RHSA-2013:0815-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2013-1862", "CVE-2012-3499"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:870998", "href": "http://plugins.openvas.org/nasl.php?oid=870998", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for httpd RHSA-2013:0815-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache HTTP Server is a popular web server.\n\n Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer\n module's manager web interface. If a remote attacker could trick a user,\n who was logged into the manager web interface, into visiting a\n specially-crafted URL, it would lead to arbitrary web script execution in\n the context of the user's manager interface session. (CVE-2012-4558)\n\n It was found that mod_rewrite did not filter terminal escape sequences from\n its log file. If mod_rewrite was configured with the RewriteLog directive,\n a remote attacker could use specially-crafted HTTP requests to inject\n terminal escape sequences into the mod_rewrite log file. If a victim viewed\n the log file with a terminal emulator, it could result in arbitrary command\n execution with the privileges of that user. (CVE-2013-1862)\n\n Cross-site scripting (XSS) flaws were found in the mod_info, mod_status,\n mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could\n possibly use these flaws to perform XSS attacks if they were able to make\n the victim's browser generate an HTTP request with a specially-crafted Host\n header. (CVE-2012-3499)\n\n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. After installing the updated\n packages, the httpd daemon will be restarted automatically.\";\n\n\ntag_affected = \"httpd on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(870998);\n script_version(\"$Revision: 8483 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 07:58:04 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-17 09:50:33 +0530 (Fri, 17 May 2013)\");\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2013-1862\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for httpd RHSA-2013:0815-01\");\n\n script_xref(name: \"RHSA\", value: \"2013:0815-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2013-May/msg00006.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.15~28.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.15~28.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.15~28.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.2.15~28.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.15~28.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.15~28.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~78.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.3~78.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~78.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~78.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~78.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:59", "description": "Oracle Linux Local Security Checks ELSA-2013-0815", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0815", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2013-1862", "CVE-2012-3499"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123628", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123628", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-0815.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123628\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:06:28 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0815\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0815 - httpd security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0815\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0815.html\");\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2013-1862\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~78.0.1.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~78.0.1.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~78.0.1.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~78.0.1.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.15~28.0.1.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.15~28.0.1.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.15~28.0.1.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.2.15~28.0.1.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.15~28.0.1.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-05-17T00:00:00", "type": "openvas", "title": "CentOS Update for httpd CESA-2013:0815 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2013-1862", "CVE-2012-3499"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881733", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881733", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for httpd CESA-2013:0815 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_tag(name:\"affected\", value:\"httpd on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The Apache HTTP Server is a popular web server.\n\n Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer\n module's manager web interface. If a remote attacker could trick a user,\n who was logged into the manager web interface, into visiting a\n specially-crafted URL, it would lead to arbitrary web script execution in\n the context of the user's manager interface session. (CVE-2012-4558)\n\n It was found that mod_rewrite did not filter terminal escape sequences from\n its log file. If mod_rewrite was configured with the RewriteLog directive,\n a remote attacker could use specially-crafted HTTP requests to inject\n terminal escape sequences into the mod_rewrite log file. If a victim viewed\n the log file with a terminal emulator, it could result in arbitrary command\n execution with the privileges of that user. (CVE-2013-1862)\n\n Cross-site scripting (XSS) flaws were found in the mod_info, mod_status,\n mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could\n possibly use these flaws to perform XSS attacks if they were able to make\n the victim's browser generate an HTTP request with a specially-crafted Host\n header. (CVE-2012-3499)\n\n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. After installing the updated\n packages, the httpd daemon will be restarted automatically.\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881733\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-17 09:53:40 +0530 (Fri, 17 May 2013)\");\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2013-1862\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_name(\"CentOS Update for httpd CESA-2013:0815 centos5\");\n\n script_xref(name:\"CESA\", value:\"2013:0815\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-May/019720.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'httpd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~78.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~78.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~78.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~78.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T23:01:54", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2013-194)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2013-1862", "CVE-2012-3499"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120097", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120097", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120097\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:20 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2013-194)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in the Apache HTTP server. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update httpd24 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-194.html\");\n script_cve_id(\"CVE-2012-4558\", \"CVE-2013-1862\", \"CVE-2012-3499\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"httpd24-devel\", rpm:\"httpd24-devel~2.4.4~2.46.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod24_ldap\", rpm:\"mod24_ldap~2.4.4~2.46.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd24-debuginfo\", rpm:\"httpd24-debuginfo~2.4.4~2.46.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd24\", rpm:\"httpd24~2.4.4~2.46.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod24_session\", rpm:\"mod24_session~2.4.4~2.46.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod24_proxy_html\", rpm:\"mod24_proxy_html~2.4.4~2.46.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd24-tools\", rpm:\"httpd24-tools~2.4.4~2.46.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd24-manual\", rpm:\"httpd24-manual~2.4.4~2.46.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:51:34", "description": "Several vulnerabilities have been found in the Apache HTTPD server.\n\nCVE-2012-3499 \nThe modules mod_info, mod_status, mod_imagemap, mod_ldap, and\nmod_proxy_ftp did not properly escape hostnames and URIs in\nHTML output, causing cross site scripting vulnerabilities.\n\nCVE-2012-4558 \nMod_proxy_balancer did not properly escape hostnames and URIs\nin its balancer-manager interface, causing a cross site scripting\nvulnerability.\n\nCVE-2013-1048 \nHayawardh Vijayakumar noticed that the apache2ctl script created\nthe lock directory in an unsafe manner, allowing a local attacker\nto gain elevated privileges via a symlink attack. This is a Debian\nspecific issue.", "cvss3": {}, "published": "2013-03-04T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2637-1 (apache2 - several issues)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2013-1048", "CVE-2012-3499"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:892637", "href": "http://plugins.openvas.org/nasl.php?oid=892637", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2637.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2637-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"apache2 on Debian Linux\";\ntag_insight = \"The Apache Software Foundation's goal is to build a secure, efficient and\nextensible HTTP server as standards-compliant open source software. The\nresult has long been the number one web server on the Internet.\";\ntag_solution = \"For the stable distribution (squeeze), these problems have been fixed in\nversion 2.2.16-6+squeeze11.\n\nFor the testing distribution (wheezy), these problems will be fixed in\nversion 2.2.22-13.\n\nFor the unstable distribution (sid), these problems will be fixed in\nversion 2.2.22-13.\n\nWe recommend that you upgrade your apache2 packages.\";\ntag_summary = \"Several vulnerabilities have been found in the Apache HTTPD server.\n\nCVE-2012-3499 \nThe modules mod_info, mod_status, mod_imagemap, mod_ldap, and\nmod_proxy_ftp did not properly escape hostnames and URIs in\nHTML output, causing cross site scripting vulnerabilities.\n\nCVE-2012-4558 \nMod_proxy_balancer did not properly escape hostnames and URIs\nin its balancer-manager interface, causing a cross site scripting\nvulnerability.\n\nCVE-2013-1048 \nHayawardh Vijayakumar noticed that the apache2ctl script created\nthe lock directory in an unsafe manner, allowing a local attacker\nto gain elevated privileges via a symlink attack. This is a Debian\nspecific issue.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892637);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-1048\", \"CVE-2012-3499\", \"CVE-2012-4558\");\n script_name(\"Debian Security Advisory DSA 2637-1 (apache2 - several issues)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-03-04 00:00:00 +0100 (Mon, 04 Mar 2013)\");\n script_tag(name: \"cvss_base\", value:\"4.6\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2637.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-dbg\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-itk\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2.2-bin\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.16-6+squeeze11\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.22-13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-dbg\", ver:\"2.2.22-13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.22-13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.22-13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-itk\", ver:\"2.2.22-13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.22-13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.22-13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.22-13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.22-13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.22-13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.22-13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.22-13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2.2-bin\", ver:\"2.2.22-13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.22-13\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-02-05T11:10:33", "description": "Check for the Version of httpd", "cvss3": {}, "published": "2013-05-17T00:00:00", "type": "openvas", "title": "CentOS Update for httpd CESA-2013:0815 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2013-1862", "CVE-2012-3499"], "modified": "2018-02-03T00:00:00", "id": "OPENVAS:881727", "href": "http://plugins.openvas.org/nasl.php?oid=881727", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for httpd CESA-2013:0815 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache HTTP Server is a popular web server.\n\n Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer\n module's manager web interface. If a remote attacker could trick a user,\n who was logged into the manager web interface, into visiting a\n specially-crafted URL, it would lead to arbitrary web script execution in\n the context of the user's manager interface session. (CVE-2012-4558)\n\n It was found that mod_rewrite did not filter terminal escape sequences from\n its log file. If mod_rewrite was configured with the RewriteLog directive,\n a remote attacker could use specially-crafted HTTP requests to inject\n terminal escape sequences into the mod_rewrite log file. If a victim viewed\n the log file with a terminal emulator, it could result in arbitrary command\n execution with the privileges of that user. (CVE-2013-1862)\n\n Cross-site scripting (XSS) flaws were found in the mod_info, mod_status,\n mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could\n possibly use these flaws to perform XSS attacks if they were able to make\n the victim's browser generate an HTTP request with a specially-crafted Host\n header. (CVE-2012-3499)\n\n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. After installing the updated\n packages, the httpd daemon will be restarted automatically.\";\n\n\ntag_affected = \"httpd on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(881727);\n script_version(\"$Revision: 8650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-03 13:16:59 +0100 (Sat, 03 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-17 09:51:50 +0530 (Fri, 17 May 2013)\");\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2013-1862\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for httpd CESA-2013:0815 centos6 \");\n\n script_xref(name: \"CESA\", value: \"2013:0815\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2013-May/019722.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.15~28.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.15~28.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.15~28.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.2.15~28.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.15~28.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-19T15:08:41", "description": "Check for the Version of httpd", "cvss3": {}, "published": "2013-05-17T00:00:00", "type": "openvas", "title": "CentOS Update for httpd CESA-2013:0815 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2013-1862", "CVE-2012-3499"], "modified": "2018-01-19T00:00:00", "id": "OPENVAS:881733", "href": "http://plugins.openvas.org/nasl.php?oid=881733", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for httpd CESA-2013:0815 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Apache HTTP Server is a popular web server.\n\n Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer\n module's manager web interface. If a remote attacker could trick a user,\n who was logged into the manager web interface, into visiting a\n specially-crafted URL, it would lead to arbitrary web script execution in\n the context of the user's manager interface session. (CVE-2012-4558)\n\n It was found that mod_rewrite did not filter terminal escape sequences from\n its log file. If mod_rewrite was configured with the RewriteLog directive,\n a remote attacker could use specially-crafted HTTP requests to inject\n terminal escape sequences into the mod_rewrite log file. If a victim viewed\n the log file with a terminal emulator, it could result in arbitrary command\n execution with the privileges of that user. (CVE-2013-1862)\n\n Cross-site scripting (XSS) flaws were found in the mod_info, mod_status,\n mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could\n possibly use these flaws to perform XSS attacks if they were able to make\n the victim's browser generate an HTTP request with a specially-crafted Host\n header. (CVE-2012-3499)\n\n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. After installing the updated\n packages, the httpd daemon will be restarted automatically.\";\n\n\ntag_solution = \"Please Install the Updated Packages.\";\ntag_affected = \"httpd on CentOS 5\";\n\n\nif(description)\n{\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_id(881733);\n script_version(\"$Revision: 8466 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 07:58:30 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-17 09:53:40 +0530 (Fri, 17 May 2013)\");\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2013-1862\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_name(\"CentOS Update for httpd CESA-2013:0815 centos5 \");\n\n script_xref(name: \"CESA\", value: \"2013:0815\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2013-May/019720.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of httpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~78.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~78.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~78.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~78.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-05-17T00:00:00", "type": "openvas", "title": "RedHat Update for httpd RHSA-2013:0815-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2013-1862", "CVE-2012-3499"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870998", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870998", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for httpd RHSA-2013:0815-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.870998\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-17 09:50:33 +0530 (Fri, 17 May 2013)\");\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2013-1862\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for httpd RHSA-2013:0815-01\");\n\n script_xref(name:\"RHSA\", value:\"2013:0815-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-May/msg00006.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'httpd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n script_tag(name:\"affected\", value:\"httpd on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The Apache HTTP Server is a popular web server.\n\n Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer\n module's manager web interface. If a remote attacker could trick a user,\n who was logged into the manager web interface, into visiting a\n specially-crafted URL, it would lead to arbitrary web script execution in\n the context of the user's manager interface session. (CVE-2012-4558)\n\n It was found that mod_rewrite did not filter terminal escape sequences from\n its log file. If mod_rewrite was configured with the RewriteLog directive,\n a remote attacker could use specially-crafted HTTP requests to inject\n terminal escape sequences into the mod_rewrite log file. If a victim viewed\n the log file with a terminal emulator, it could result in arbitrary command\n execution with the privileges of that user. (CVE-2013-1862)\n\n Cross-site scripting (XSS) flaws were found in the mod_info, mod_status,\n mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could\n possibly use these flaws to perform XSS attacks if they were able to make\n the victim's browser generate an HTTP request with a specially-crafted Host\n header. (CVE-2012-3499)\n\n All httpd users should upgrade to these updated packages, which contain\n backported patches to correct these issues. After installing the updated\n packages, the httpd daemon will be restarted automatically.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.15~28.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.15~28.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.15~28.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.2.15~28.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.15~28.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.15~28.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.2.3~78.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.2.3~78.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.2.3~78.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.2.3~78.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.2.3~78.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-23T13:09:48", "description": "Check for the Version of apache2", "cvss3": {}, "published": "2013-03-19T00:00:00", "type": "openvas", "title": "Ubuntu Update for apache2 USN-1765-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4557", "CVE-2012-4558", "CVE-2013-1048", "CVE-2012-3499"], "modified": "2018-01-23T00:00:00", "id": "OPENVAS:841365", "href": "http://plugins.openvas.org/nasl.php?oid=841365", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1765_1.nasl 8494 2018-01-23 06:57:55Z teissa $\n#\n# Ubuntu Update for apache2 USN-1765-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Niels Heinen discovered that multiple modules incorrectly sanitized certain\n strings, which could result in browsers becoming vulnerable to cross-site\n scripting attacks when processing the output. With cross-site scripting\n vulnerabilities, if a user were tricked into viewing server output during a\n crafted server request, a remote attacker could exploit this to modify the\n contents, or steal confidential data (such as passwords), within the same\n domain. (CVE-2012-3499, CVE-2012-4558)\n\n It was discovered that the mod_proxy_ajp module incorrectly handled error\n states. A remote attacker could use this issue to cause the server to stop\n responding, resulting in a denial of service. This issue only applied to\n Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 11.10. (CVE-2012-4557)\n \n It was discovered that the apache2ctl script shipped in Ubuntu packages\n incorrectly created the lock directory. A local attacker could possibly use\n this issue to gain privileges. The symlink protections in Ubuntu 11.10 and\n later should reduce this vulnerability to a denial of service.\n (CVE-2013-1048)\";\n\n\ntag_affected = \"apache2 on Ubuntu 12.10 ,\n Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1765-1/\");\n script_id(841365);\n script_version(\"$Revision: 8494 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 07:57:55 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-19 09:49:37 +0530 (Tue, 19 Mar 2013)\");\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2012-4557\", \"CVE-2013-1048\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1765-1\");\n script_name(\"Ubuntu Update for apache2 USN-1765-1\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of apache2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.22-1ubuntu1.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.20-1ubuntu1.4\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.14-5ubuntu8.11\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.8-1ubuntu0.25\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.22-6ubuntu2.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-19T00:00:00", "type": "openvas", "title": "Ubuntu Update for apache2 USN-1765-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4557", "CVE-2012-4558", "CVE-2013-1048", "CVE-2012-3499"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841365", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841365", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1765_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for apache2 USN-1765-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1765-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841365\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-19 09:49:37 +0530 (Tue, 19 Mar 2013)\");\n script_cve_id(\"CVE-2012-3499\", \"CVE-2012-4558\", \"CVE-2012-4557\", \"CVE-2013-1048\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1765-1\");\n script_name(\"Ubuntu Update for apache2 USN-1765-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apache2'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|11\\.10|10\\.04 LTS|8\\.04 LTS|12\\.10)\");\n script_tag(name:\"affected\", value:\"apache2 on Ubuntu 12.10,\n Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Niels Heinen discovered that multiple modules incorrectly sanitized certain\n strings, which could result in browsers becoming vulnerable to cross-site\n scripting attacks when processing the output. With cross-site scripting\n vulnerabilities, if a user were tricked into viewing server output during a\n crafted server request, a remote attacker could exploit this to modify the\n contents, or steal confidential data (such as passwords), within the same\n domain. (CVE-2012-3499, CVE-2012-4558)\n\n It was discovered that the mod_proxy_ajp module incorrectly handled error\n states. A remote attacker could use this issue to cause the server to stop\n responding, resulting in a denial of service. This issue only applied to\n Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 11.10. (CVE-2012-4557)\n\n It was discovered that the apache2ctl script shipped in Ubuntu packages\n incorrectly created the lock directory. A local attacker could possibly use\n this issue to gain privileges. The symlink protections in Ubuntu 11.10 and\n later should reduce this vulnerability to a denial of service.\n (CVE-2013-1048)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.22-1ubuntu1.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.20-1ubuntu1.4\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.14-5ubuntu8.11\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.8-1ubuntu0.25\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.22-6ubuntu2.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2021-06-08T18:46:48", "description": "mod_info, mod_status, mod_imagemap, mod_ldap, mod_proxy_ftp, mod_proxy_balancer crossite scripting", "edition": 2, "cvss3": {}, "published": "2013-03-02T00:00:00", "title": "Apache security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2012-3499"], "modified": "2013-03-02T00:00:00", "id": "SECURITYVULNS:VULN:12917", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12917", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:47", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2013:015\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : apache\r\n Date : February 26, 2013\r\n Affected: 2011., Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been found and corrected in apache\r\n &#40;ASF HTTPD&#41;:\r\n \r\n Various XSS &#40;cross-site scripting vulnerability&#41; flaws due to unescaped\r\n hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap,\r\n mod_ldap, and mod_proxy_ftp &#40;CVE-2012-3499&#41;.\r\n \r\n XSS &#40;cross-site scripting vulnerability&#41; in mod_proxy_balancer manager\r\n interface &#40;CVE-2012-4558&#41;.\r\n \r\n Additionally the ASF bug 53219 was resolved which provides a way\r\n to mitigate the CRIME attack vulnerability by disabling TLS-level\r\n compression. Use the new directive SSLCompression on|off to enable or\r\n disable TLS-level compression, by default SSLCompression is turned on.\r\n \r\n The updated packages have been upgraded to the latest 2.2.24 version\r\n which is not vulnerable to these issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558\r\n http://httpd.apache.org/security/vulnerabilities_22.html\r\n http://www.apache.org/dist/httpd/CHANGES_2.2.24\r\n https://issues.apache.org/bugzilla/show_bug.cgi?id=53219\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2011:\r\n 289c89be234a9162175b0294e16c591c 2011/i586/apache-base-2.2.24-0.1-mdv2011.0.i586.rpm\r\n 5f8af3db34637d99db3a6bc848c01cac 2011/i586/apache-conf-2.2.24-0.1-mdv2011.0.i586.rpm\r\n 991acd2fbed937e78acbc04cd3ddf2e7 2011/i586/apache-devel-2.2.24-0.1-mdv2011.0.i586.rpm\r\n a185aaa60a5f6ffa689bfdd30969129e 2011/i586/apache-doc-2.2.24-0.1-mdv2011.0.noarch.rpm\r\n a069735af2947a3bf3c62137a88ffeca 2011/i586/apache-htcacheclean-2.2.24-0.1-mdv2011.0.i586.rpm\r\n 9dbd40a1889977c6e2de4192b3a49f04 2011/i586/apache-mod_authn_dbd-2.2.24-0.1-mdv2011.0.i586.rpm\r\n df089c2da852993c46071cf9f1d20ab2 2011/i586/apache-mod_cache-2.2.24-0.1-mdv2011.0.i586.rpm\r\n e1227b41c3aa254f9f882c439dbb60a8 2011/i586/apache-mod_dav-2.2.24-0.1-mdv2011.0.i586.rpm\r\n defb1c86a285c224b2a15880ad803040 2011/i586/apache-mod_dbd-2.2.24-0.1-mdv2011.0.i586.rpm\r\n c6202714af4799b5111615ae9a88e89d 2011/i586/apache-mod_deflate-2.2.24-0.1-mdv2011.0.i586.rpm\r\n dd7c2831321debb9687208aef93f7e78 2011/i586/apache-mod_disk_cache-2.2.24-0.1-mdv2011.0.i586.rpm\r\n 4b9d9e4c68e41f06e237dc300b358dbc 2011/i586/apache-mod_file_cache-2.2.24-0.1-mdv2011.0.i586.rpm\r\n 20e3419c7a05893eaebb216680abf364 2011/i586/apache-mod_ldap-2.2.24-0.1-mdv2011.0.i586.rpm\r\n af66de0cae0be6b615866a1a5bf87c94 2011/i586/apache-mod_mem_cache-2.2.24-0.1-mdv2011.0.i586.rpm\r\n 4fff2e9db4b76b080c6b28a41191067e 2011/i586/apache-mod_proxy-2.2.24-0.1-mdv2011.0.i586.rpm\r\n 0185029b460e360a89fe5b39631a1fff 2011/i586/apache-mod_proxy_ajp-2.2.24-0.1-mdv2011.0.i586.rpm\r\n 8c9285340ee4392717266dc11653f806 2011/i586/apache-mod_proxy_scgi-2.2.24-0.1-mdv2011.0.i586.rpm\r\n a72f9c38ee460de6bc1dc44634225467 2011/i586/apache-mod_reqtimeout-2.2.24-0.1-mdv2011.0.i586.rpm\r\n 9a1ce119bf75d10ec14d1dd3bb61e7f0 2011/i586/apache-mod_ssl-2.2.24-0.1-mdv2011.0.i586.rpm\r\n ba2613c1bc16fc1caff121744911467a 2011/i586/apache-mod_suexec-2.2.24-0.1-mdv2011.0.i586.rpm\r\n fe90da4a35bb6709dc3707ea3ef8f7b0 2011/i586/apache-modules-2.2.24-0.1-mdv2011.0.i586.rpm\r\n 97e6288872ec47204673b474f505fc5b 2011/i586/apache-mod_userdir-2.2.24-0.1-mdv2011.0.i586.rpm\r\n 4bfb7faf0754646ca77e6920eca7a994 2011/i586/apache-mpm-event-2.2.24-0.1-mdv2011.0.i586.rpm\r\n 724b8fd1ef97242a50643c19ad5bea28 2011/i586/apache-mpm-itk-2.2.24-0.1-mdv2011.0.i586.rpm\r\n ecf0644523a56fa84fae17eb0eb7bdc1 2011/i586/apache-mpm-peruser-2.2.24-0.1-mdv2011.0.i586.rpm\r\n 7ca86c4b6d18a8f7d2dbd36e6d6fedc9 2011/i586/apache-mpm-prefork-2.2.24-0.1-mdv2011.0.i586.rpm\r\n 3e4f9253120b07eab512985583fe9b17 2011/i586/apache-mpm-worker-2.2.24-0.1-mdv2011.0.i586.rpm\r\n f9d6a24fc521f5efb6db1e2b48eaaa6a 2011/i586/apache-source-2.2.24-0.1-mdv2011.0.i586.rpm \r\n 60a51c26a9615f8fe5fd238e324fad53 2011/SRPMS/apache-2.2.24-0.1.src.rpm\r\n 0f8670c68f91c0eac08191f7b4c59459 2011/SRPMS/apache-conf-2.2.24-0.1.src.rpm\r\n 4561b162b6214482270a1c1f9f9bff45 2011/SRPMS/apache-mod_suexec-2.2.24-0.1.src.rpm\r\n\r\n Mandriva Linux 2011/X86_64:\r\n 2bebc91d05e6f2e522899221351a68e0 2011/x86_64/apache-base-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 828297781615028d0112d392ed9e3009 2011/x86_64/apache-conf-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n ed77958d6201a8242214e05fe3b67425 2011/x86_64/apache-devel-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 3ead1940727ce086d97c334d6a41223b 2011/x86_64/apache-doc-2.2.24-0.1-mdv2011.0.noarch.rpm\r\n b83de49c32acb5334d479d6f07d3df30 2011/x86_64/apache-htcacheclean-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n b62eac92a967a099cc9b392c8df76db5 2011/x86_64/apache-mod_authn_dbd-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 67d4c4f45e88abfa322b3a3dcff8eff6 2011/x86_64/apache-mod_cache-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n f81cc5b0656aa6d6ed61a8f204bdba9e 2011/x86_64/apache-mod_dav-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 7f7a259d5793d9f0830da2ce42be9c68 2011/x86_64/apache-mod_dbd-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n b73243f05bedd112946467e2dd470349 2011/x86_64/apache-mod_deflate-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 757818100b90779f5636dc8a405b045f 2011/x86_64/apache-mod_disk_cache-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 95ab9bed5935a49661fed89d0bbde413 2011/x86_64/apache-mod_file_cache-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 361667caa3aff7861afafc7236abe511 2011/x86_64/apache-mod_ldap-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 8e4cc050ab8248857d98891b6a7cd663 2011/x86_64/apache-mod_mem_cache-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n e89d9282d5bcb90ae77f33578fb814cc 2011/x86_64/apache-mod_proxy-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 1d2478b41bec0bf4098258c1cfb54a4c 2011/x86_64/apache-mod_proxy_ajp-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 22526d7fa623427945524f346a4365e1 2011/x86_64/apache-mod_proxy_scgi-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n f58d3f49a90827f1e06a972891a35ce3 2011/x86_64/apache-mod_reqtimeout-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 764c5337a0afde50815ec4926324911f 2011/x86_64/apache-mod_ssl-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 615a698090d208e3af1fa0126edd4104 2011/x86_64/apache-mod_suexec-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 2b087b76a1d2457c2a3e0b1d82028a90 2011/x86_64/apache-modules-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 1b85512bbfeb4b1ac03c2e7b5019a7ad 2011/x86_64/apache-mod_userdir-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 2af96a1eb1a3e7c0d97b70c382e15105 2011/x86_64/apache-mpm-event-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n a4f2ef243034a6d8902822d19dc85475 2011/x86_64/apache-mpm-itk-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 141410f4cae45ddc07bc0664330aaf16 2011/x86_64/apache-mpm-peruser-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 92fbed1befec4c0f45b3c0c0f092be30 2011/x86_64/apache-mpm-prefork-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 72af42ba5a5594ce561d56d5c6d9a4e2 2011/x86_64/apache-mpm-worker-2.2.24-0.1-mdv2011.0.x86_64.rpm\r\n 5013cde8136c71938c2e053ab5d70995 2011/x86_64/apache-source-2.2.24-0.1-mdv2011.0.x86_64.rpm \r\n 60a51c26a9615f8fe5fd238e324fad53 2011/SRPMS/apache-2.2.24-0.1.src.rpm\r\n 0f8670c68f91c0eac08191f7b4c59459 2011/SRPMS/apache-conf-2.2.24-0.1.src.rpm\r\n 4561b162b6214482270a1c1f9f9bff45 2011/SRPMS/apache-mod_suexec-2.2.24-0.1.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 6dd6edb0b5d97314ee4d4d81d50d6e4d mes5/i586/apache-base-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 319fe02e7b972f21dd9ec29e0185f44f mes5/i586/apache-conf-2.2.24-0.1mdvmes5.2.i586.rpm\r\n e8bd3eae8d128fd5e244045caf5ee6f5 mes5/i586/apache-devel-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 0b0832377327154aa4a98c51fb147919 mes5/i586/apache-doc-2.2.24-0.1mdvmes5.2.i586.rpm\r\n f8937aebec292a0e8f976048db096e71 mes5/i586/apache-htcacheclean-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 69373e51a9330ea5849de39ec400dbe3 mes5/i586/apache-mod_authn_dbd-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 43feca16e72b04e66ef6342a252b2bb7 mes5/i586/apache-mod_cache-2.2.24-0.1mdvmes5.2.i586.rpm\r\n af8313cba733be280e0b3e30c32be0c9 mes5/i586/apache-mod_dav-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 91fec82e5d3952f17a15b38f9ec03d68 mes5/i586/apache-mod_dbd-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 8bf734067c73d04cef99b6bf25f66bc9 mes5/i586/apache-mod_deflate-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 27ecd86d710980c332c6fbf6010c3092 mes5/i586/apache-mod_disk_cache-2.2.24-0.1mdvmes5.2.i586.rpm\r\n aa4985381121d8b627f98ac18f5f25d2 mes5/i586/apache-mod_file_cache-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 7f698e5ea494e573636580e974c5fc2f mes5/i586/apache-mod_ldap-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 160134ad93e70eb964897fbbc1632fbc mes5/i586/apache-mod_mem_cache-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 2fa5c492d5af50f867b20233c327ea05 mes5/i586/apache-mod_proxy-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 4185214fd00c80d9e4574168ceb14009 mes5/i586/apache-mod_proxy_ajp-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 81a50e40f0bf364b94fd9a6ccf8655c2 mes5/i586/apache-mod_proxy_scgi-2.2.24-0.1mdvmes5.2.i586.rpm\r\n ff5a337656b958c3241fc5a978b75b18 mes5/i586/apache-mod_reqtimeout-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 425b81046acc1e05024c8c67dc56796e mes5/i586/apache-mod_ssl-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 27fb0fcb9cf681f1b235061fe85b73c1 mes5/i586/apache-mod_suexec-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 5e951c0c3d694bde145b5810893c5b5c mes5/i586/apache-modules-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 9ae777a24be2d3518d130ddd58249e2c mes5/i586/apache-mod_userdir-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 01c66caefbf0963fdc792368a83c34a6 mes5/i586/apache-mpm-event-2.2.24-0.1mdvmes5.2.i586.rpm\r\n a3da55a7a39e49a6628788db4150a8df mes5/i586/apache-mpm-itk-2.2.24-0.1mdvmes5.2.i586.rpm\r\n 8152d5a34bd829ba28b4e449df14a03f mes5/i586/apache-mpm-peruser-2.2.24-0.1mdvmes5.2.i586.rpm\r\n ed3f4674858e134cbdf8db082ccff2ac mes5/i586/apache-mpm-prefork-2.2.24-0.1mdvmes5.2.i586.rpm\r\n c0cd47361e5d8a979f71dd8e98ffbfe4 mes5/i586/apache-mpm-worker-2.2.24-0.1mdvmes5.2.i586.rpm\r\n b444e18873265bb6b7fbd3add66ff64a mes5/i586/apache-source-2.2.24-0.1mdvmes5.2.i586.rpm \r\n dbe3d441997f0e06d51c96c8981e834f mes5/SRPMS/apache-2.2.24-0.1mdvmes5.2.src.rpm\r\n 6f9c20607fff35b57811e8b566b688fc mes5/SRPMS/apache-conf-2.2.24-0.1mdvmes5.2.src.rpm\r\n 4ef70aa09145ec2b8f15ea2c21c5dea0 mes5/SRPMS/apache-mod_suexec-2.2.24-0.1mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 0e59782d03138d935b38f93653047abc mes5/x86_64/apache-base-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 178694544c089940994cafb3358bd66c mes5/x86_64/apache-conf-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n d8f21f8b075664de084ee5462d235b84 mes5/x86_64/apache-devel-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n a6c0072d3be0d0fd90f61dbd9872a950 mes5/x86_64/apache-doc-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n da165aea085b8500165d244e97f5ca58 mes5/x86_64/apache-htcacheclean-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 163714433a88eaf3140e297a0f7b049a mes5/x86_64/apache-mod_authn_dbd-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 09e47dae25b0c2a5cc4ad59f21ebce3e mes5/x86_64/apache-mod_cache-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n f9d3ee959228eb91bbf6dad0370e5368 mes5/x86_64/apache-mod_dav-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n ead999610ce5785ece13781d2f5b0d66 mes5/x86_64/apache-mod_dbd-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n bba1850efa371d493cd6a608fafadd34 mes5/x86_64/apache-mod_deflate-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n a67e8403f7acb225b50e9ae3b92d6d65 mes5/x86_64/apache-mod_disk_cache-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 20eddbde328e178d9a67bb57d275a4b4 mes5/x86_64/apache-mod_file_cache-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n ac154e173a5429742559237f2b0d014b mes5/x86_64/apache-mod_ldap-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 596013759868c8e22739c058e2ea61f6 mes5/x86_64/apache-mod_mem_cache-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n f5742a3e437fdfdb85fa99128b4f7e8a mes5/x86_64/apache-mod_proxy-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n fd502968872d2be5c018e0fbb9f97b1a mes5/x86_64/apache-mod_proxy_ajp-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 7e905ce8177a1746ce3fd1ce40512470 mes5/x86_64/apache-mod_proxy_scgi-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 9518bdc5a4dbe14b16aa9228f404e33d mes5/x86_64/apache-mod_reqtimeout-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n d1eec3970980c9dfde163fc2039213d9 mes5/x86_64/apache-mod_ssl-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 5fc3a8b10152d52db0c750d6da821ae7 mes5/x86_64/apache-mod_suexec-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 96b166e33189eb97b8c0353804e583d6 mes5/x86_64/apache-modules-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 1022717e5463c61a4200764d53b5f47c mes5/x86_64/apache-mod_userdir-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 92bd2b1ee635ced3db4257bc53af5266 mes5/x86_64/apache-mpm-event-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n aa97fe2e7063357a1aaed568258b8818 mes5/x86_64/apache-mpm-itk-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 26197b7255a701aaf2c541b5cd779470 mes5/x86_64/apache-mpm-peruser-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 7d398eb4c6841172a934a1814c72035f mes5/x86_64/apache-mpm-prefork-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 51bcd6b3b9bcb46a5ca74a54584499f4 mes5/x86_64/apache-mpm-worker-2.2.24-0.1mdvmes5.2.x86_64.rpm\r\n 6aa22fdbc419e7a11a09176cb18dda75 mes5/x86_64/apache-source-2.2.24-0.1mdvmes5.2.x86_64.rpm \r\n dbe3d441997f0e06d51c96c8981e834f mes5/SRPMS/apache-2.2.24-0.1mdvmes5.2.src.rpm\r\n 6f9c20607fff35b57811e8b566b688fc mes5/SRPMS/apache-conf-2.2.24-0.1mdvmes5.2.src.rpm\r\n 4ef70aa09145ec2b8f15ea2c21c5dea0 mes5/SRPMS/apache-mod_suexec-2.2.24-0.1mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFRLG44mqjQ0CJFipgRArM1AKDaK2GPDjdBn+c+g+zkvOhoZ51cfwCcCSUg\r\nRV3Pp0VO0qOcjczQslRJwtA=\r\n=aNmi\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "cvss3": {}, "published": "2013-03-02T00:00:00", "title": "[ MDVSA-2013:015 ] apache", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2012-3499"], "modified": "2013-03-02T00:00:00", "id": "SECURITYVULNS:DOC:29115", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29115", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:49", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update\r\n2013-004\r\n\r\nOS X Mountain Lion v10.8.5 and Security Update 2013-004 is now\r\navailable and addresses the following:\r\n\r\nApache\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Multiple vulnerabilities in Apache\r\nDescription: Multiple vulnerabilities existed in Apache, the most\r\nserious of which may lead to cross-site scripting. These issues were\r\naddressed by updating Apache to version 2.2.24.\r\nCVE-ID\r\nCVE-2012-0883\r\nCVE-2012-2687\r\nCVE-2012-3499\r\nCVE-2012-4558\r\n\r\nBind\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Multiple vulnerabilities in BIND\r\nDescription: Multiple vulnerabilities existed in BIND, the most\r\nserious of which may lead to a denial of service. These issues were\r\naddressed by updating BIND to version 9.8.5-P1. CVE-2012-5688 did not\r\naffect Mac OS X v10.7 systems.\r\nCVE-ID\r\nCVE-2012-3817\r\nCVE-2012-4244\r\nCVE-2012-5166\r\nCVE-2012-5688\r\nCVE-2013-2266\r\n\r\nCertificate Trust Policy\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Root certificates have been updated\r\nDescription: Several certificates were added to or removed from the\r\nlist of system roots. The complete list of recognized system roots\r\nmay be viewed via the Keychain Access application.\r\n\r\nClamAV\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7.5, OS X Lion Server v10.7.5\r\nImpact: Multiple vulnerabilities in ClamAV\r\nDescription: Multiple vulnerabilities exist in ClamAV, the most\r\nserious of which may lead to arbitrary code execution. This update\r\naddresses the issues by updating ClamAV to version 0.97.8.\r\nCVE-ID\r\nCVE-2013-2020\r\nCVE-2013-2021\r\n\r\nCoreGraphics\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of JBIG2\r\nencoded data in PDF files. This issue was addressed through\r\nadditional bounds checking.\r\nCVE-ID\r\nCVE-2013-1025 : Felix Groebert of the Google Security Team\r\n\r\nImageIO\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of JPEG2000\r\nencoded data in PDF files. This issue was addressed through\r\nadditional bounds checking.\r\nCVE-ID\r\nCVE-2013-1026 : Felix Groebert of the Google Security Team\r\n\r\nInstaller\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Packages could be opened after certificate revocation\r\nDescription: When Installer encountered a revoked certificate, it\r\nwould present a dialog with an option to continue. The issue was\r\naddressed by removing the dialog and refusing any revoked package.\r\nCVE-ID\r\nCVE-2013-1027\r\n\r\nIPSec\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: An attacker may intercept data protected with IPSec Hybrid\r\nAuth\r\nDescription: The DNS name of an IPSec Hybrid Auth server was not\r\nbeing matched against the certificate, allowing an attacker with a\r\ncertificate for any server to impersonate any other. This issue was\r\naddressed by properly checking the certificate.\r\nCVE-ID\r\nCVE-2013-1028 : Alexander Traud of www.traud.de\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\r\nImpact: A local network user may cause a denial of service\r\nDescription: An incorrect check in the IGMP packet parsing code in\r\nthe kernel allowed a user who could send IGMP packets to the system\r\nto cause a kernel panic. The issue was addressed by removing the\r\ncheck.\r\nCVE-ID\r\nCVE-2013-1029 : Christopher Bohn of PROTECTSTAR INC.\r\n\r\nMobile Device Management\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Passwords may be disclosed to other local users\r\nDescription: A password was passed on the command-line to mdmclient,\r\nwhich made it visible to other users on the same system. The issue\r\nwas addressed by communicating the password through a pipe.\r\nCVE-ID\r\nCVE-2013-1030 : Per Olofsson at the University of Gothenburg\r\n\r\nOpenSSL\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Multiple vulnerabilities in OpenSSL\r\nDescription: Multiple vulnerabilities existed in OpenSSL, the most\r\nserious of which may lead to disclosure of user data. These issues\r\nwere addressed by updating OpenSSL to version 0.9.8y.\r\nCVE-ID\r\nCVE-2012-2686\r\nCVE-2013-0166\r\nCVE-2013-0169\r\n\r\nPHP\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Multiple vulnerabilities in PHP\r\nDescription: Multiple vulnerabilities existed in PHP, the most\r\nserious of which may lead to arbitrary code execution. These issues\r\nwere addressed by updating PHP to version 5.3.26.\r\nCVE-ID\r\nCVE-2013-1635\r\nCVE-2013-1643\r\nCVE-2013-1824\r\nCVE-2013-2110\r\n\r\nPostgreSQL\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Multiple vulnerabilities in PostgreSQL\r\nDescription: Multiple vulnerabilities exist in PostgreSQL, the most\r\nserious of which may lead to data corruption or privilege escalation.\r\nThis update addresses the issues by updating PostgreSQL to version\r\n9.0.13.\r\nCVE-ID\r\nCVE-2013-1899\r\nCVE-2013-1900\r\nCVE-2013-1901\r\nCVE-2013-1902\r\nCVE-2013-1903\r\n\r\nPower Management\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\r\nImpact: The screen saver may not start after the specified time\r\nperiod\r\nDescription: A power assertion lock issue existed. This issue was\r\naddressed through improved lock handling.\r\nCVE-ID\r\nCVE-2013-1031\r\n\r\nQuickTime\r\nAvailable for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,\r\nOS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8 to v10.8.4\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\n&#39;idsc&#39; atoms in QuickTime movie files. This issue was addressed\r\nthrough additional bounds checking.\r\nCVE-ID\r\nCVE-2013-1032 : Jason Kratzer working with iDefense VCP\r\n\r\nScreen Lock\r\nAvailable for: OS X Mountain Lion v10.8 to v10.8.4\r\nImpact: A user with screen sharing access may be able to bypass the\r\nscreen lock when another user is logged in\r\nDescription: A session management issue existed in the screen lock&#39;s\r\nhandling of screen sharing sessions. This issue was addressed through\r\nimproved session tracking.\r\nCVE-ID\r\nCVE-2013-1033 : Jeff Grisso of Atos IT Solutions, Sebastien Stormacq\r\n\r\nNote: OS X Mountain Lion v10.8.5 also addresses an issue where\r\ncertain Unicode strings could cause applications to unexpectedly\r\nterminate.\r\n\r\n\r\nOS X Mountain Lion v10.8.5 and Security Update 2013-004 may be\r\nobtained from the Software Update pane in System Preferences,\r\nor Apple&#39;s Software Downloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nThe Software Update utility will present the update that applies\r\nto your system configuration. Only one is needed, either\r\nOS X Mountain Lion v10.8.5, or Security Update\r\n2013-004.\r\n\r\nFor OS X Mountain Lion v10.8.4\r\nThe download file is named: OSXUpd10.8.5.dmg\r\nIts SHA-1 digest is: a74ab6d9501778437e7afba0bbed47b776a52b11\r\n\r\nFor OS X Mountain Lion v10.8 and v10.8.3\r\nThe download file is named: OSXUpdCombo10.8.5.dmg\r\nIts SHA-1 digest is: cb798ac9b97ceb2d8875af040ce4ff06187d61f2\r\n\r\nFor OS X Lion v10.7.5\r\nThe download file is named: SecUpd2013-004.dmg\r\nIts SHA-1 digest is: dbc50fce7070f83b93b866a21b8f5c6e65007fa0\r\n\r\nFor OS X Lion Server v10.7.5\r\nThe download file is named: SecUpdSrvr2013-004.dmg\r\nIts SHA-1 digest is: 44a77edbd37732b865bc21a9aac443a3cdc47355\r\n\r\nFor Mac OS X v10.6.8\r\nThe download file is named: SecUpd2013-004.dmg\r\nIts SHA-1 digest is: d07d5142a2549270f0d2eaddb262b41bb5c16b61\r\n\r\nFor Mac OS X Server v10.6.8\r\nThe download file is named: SecUpdSrvr2013-004.dmg\r\nIts SHA-1 digest is: 8f9abe93f7f9427cf86b89bd67df948a85537dbc\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple&#39;s Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.17 &#40;Darwin&#41;\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJSMiPGAAoJEPefwLHPlZEw9qMP/17D4Q8velZ3H4AumPzHqqB4\r\nQxPcuv8PXzhi55epUm2bzNfXR9A5L9KvzEsmggqxO2/ESO0zfeKgAmXXjCI3z5Qc\r\n+WkHgqowjwXU9cbjyDkhwb/ylXml+vCSIv2m9eXXNRTRi0rm9ZLSI/JMSRfLMojQ\r\nbZbzQSoSpuGaOeOOWESKCf9zBXFG6DBGo0wg3z8Bkywjtp/7bfddPAFHxIdhjDDN\r\n1IgmhPRnP6NEdNSfR6RwF94M+hyiJ2I2DIDZTIo+6B4Ne90bEYdBiQmSxwKFAyc3\r\nH9VFfB8XmrtA2k4DhE6Ow2jD/Y//QKz6TbyZNSQawXxuPsj43v6/T6BsWdfddGbQ\r\nhDGU85e7z7a4gmIPuS3DjMhSEyAixL/B3vKYBaZltH6JBCcPuLvGrU7nAiJa7KGQ\r\n8MToOyv42TSj95drFzysk5fcO0MIUH5xiGlaU+ScEdBSpIpHDfpjeJYPqxHeGFaa\r\nV2xCGw1vMYbMoxNzRL0FPPdUxJkyBHvuzZXh6c6fATuQIPCtwejpPrYEo7x7RRpl\r\nytsVLe3V27j7IfWb62nI+mNVfH5m+YgK4SGK5DSq8Nm1Lk0w4HXmTtrhOCogsJ2I\r\nyoqeg/XakiSdxZxhSa9/ZZsMB+D1B8siNzCj0+U0k4zYjxEA0GdSu/dYRVT62oIn\r\nvBrJ5gm+nnyRe2TUMAwz\r\n=h9hc\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2013-10-03T00:00:00", "title": "APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-0166", "CVE-2013-1028", "CVE-2013-2266", "CVE-2012-4558", "CVE-2013-0169", "CVE-2013-1903", "CVE-2013-1643", "CVE-2013-2110", "CVE-2013-1026", "CVE-2012-2687", "CVE-2012-2686", "CVE-2012-0883", "CVE-2013-1032", "CVE-2013-1025", "CVE-2012-3817", "CVE-2013-2020", "CVE-2012-5688", "CVE-2013-1824", "CVE-2012-5166", "CVE-2013-1033", "CVE-2012-4244", "CVE-2013-1030", "CVE-2013-1901", "CVE-2013-1902", "CVE-2012-3499", "CVE-2013-1635", "CVE-2013-1029", "CVE-2013-1031", "CVE-2013-1900", "CVE-2013-2021", "CVE-2013-1899", "CVE-2013-1027"], "modified": "2013-10-03T00:00:00", "id": "SECURITYVULNS:DOC:29893", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29893", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:46:15", "description": "Quarterly update fixes 144 different vulnerabilities.", "edition": 2, "cvss3": {}, "published": "2014-05-05T00:00:00", "title": "Oracle / Sun / MySQL / PeopleSoft / OpenJDK applications multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-0371", "CVE-2012-3544", "CVE-2014-0400", "CVE-2013-5879", "CVE-2013-5876", "CVE-2013-5889", "CVE-2013-5909", "CVE-2014-0392", "CVE-2013-5873", "CVE-2013-5858", "CVE-2014-0405", "CVE-2013-5860", "CVE-2014-0367", "CVE-2014-0385", "CVE-2013-5878", "CVE-2014-0410", "CVE-2014-0398", "CVE-2013-5897", "CVE-2013-2071", "CVE-2014-0404", "CVE-2014-0415", "CVE-2014-0434", "CVE-2013-5884", "CVE-2014-0435", "CVE-2014-0443", "CVE-2013-5870", "CVE-2014-0390", "CVE-2013-5905", "CVE-2013-5880", "CVE-2013-5904", "CVE-2014-0391", "CVE-2013-5888", "CVE-2013-5893", "CVE-2014-0387", "CVE-2014-0393", "CVE-2014-0399", "CVE-2012-4605", "CVE-2013-5821", "CVE-2014-0431", "CVE-2013-5898", "CVE-2014-0427", "CVE-2014-0441", "CVE-2013-5900", "CVE-2013-1654", "CVE-2014-0433", "CVE-2014-0375", "CVE-2013-5886", "CVE-2014-0401", "CVE-2014-0396", "CVE-2014-0406", "CVE-2013-5872", "CVE-2014-0440", "CVE-2014-0425", "CVE-2013-5883", "CVE-2013-1862", "CVE-2013-5834", "CVE-2014-0418", "CVE-2014-0373", "CVE-2013-5877", "CVE-2013-5874", "CVE-2014-0439", "CVE-2014-0394", "CVE-2013-5887", "CVE-2014-0408", "CVE-2014-0376", "CVE-2014-0422", "CVE-2014-0419", "CVE-2014-0411", "CVE-2014-0369", "CVE-2014-0366", "CVE-2013-5882", "CVE-2013-5895", "CVE-2003-1067", "CVE-2014-0437", "CVE-2013-5885", "CVE-2013-5901", "CVE-2013-5881", "CVE-2013-2067", "CVE-2014-0389", "CVE-2014-0388", "CVE-2013-5899", "CVE-2014-0412", "CVE-2013-5896", "CVE-2013-3830", "CVE-2014-0417", "CVE-2014-0372", "CVE-2014-0407", "CVE-2013-5910", "CVE-2013-5906", "CVE-2014-0428", "CVE-2013-5891", "CVE-2014-0382", "CVE-2014-0370", "CVE-2013-5808", "CVE-2013-5871", "CVE-2014-0402", "CVE-2013-2924", "CVE-2014-0368", "CVE-2014-0420", "CVE-2013-5853", "CVE-2014-0423", "CVE-2013-5868", "CVE-2014-0430", "CVE-2014-0374", "CVE-2013-5875", "CVE-2013-5869", "CVE-2013-5907", "CVE-2014-0377", "CVE-2012-3499", "CVE-2013-5902", "CVE-2013-5894", "CVE-2013-5795", "CVE-2007-0009", "CVE-2013-5892", "CVE-2014-0381", "CVE-2014-0383", "CVE-2014-0424", "CVE-2014-0395", "CVE-2013-4316", "CVE-2014-0379", "CVE-2014-0403", "CVE-2013-5908", "CVE-2014-0386", "CVE-2007-1858", "CVE-2013-5785", "CVE-2014-0445", "CVE-2013-5764", "CVE-2014-0444", "CVE-2014-0378", "CVE-2013-5833", "CVE-2013-1620", "CVE-2013-5890", "CVE-2014-0416", "CVE-2014-0380", "CVE-2014-0438"], "modified": "2014-05-05T00:00:00", "id": "SECURITYVULNS:VULN:13537", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13537", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2021-10-19T18:40:40", "description": "The Apache HTTP Server is a popular web server.\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer\nmodule's manager web interface. If a remote attacker could trick a user,\nwho was logged into the manager web interface, into visiting a\nspecially-crafted URL, it would lead to arbitrary web script execution in\nthe context of the user's manager interface session. (CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from\nits log file. If mod_rewrite was configured with the RewriteLog directive,\na remote attacker could use specially-crafted HTTP requests to inject\nterminal escape sequences into the mod_rewrite log file. If a victim viewed\nthe log file with a terminal emulator, it could result in arbitrary command\nexecution with the privileges of that user. (CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status,\nmod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could\npossibly use these flaws to perform XSS attacks if they were able to make\nthe victim's browser generate an HTTP request with a specially-crafted Host\nheader. (CVE-2012-3499)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon will be restarted automatically.\n", "cvss3": {}, "published": "2013-05-13T00:00:00", "type": "redhat", "title": "(RHSA-2013:0815) Moderate: httpd security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862"], "modified": "2018-06-06T16:24:10", "id": "RHSA-2013:0815", "href": "https://access.redhat.com/errata/RHSA-2013:0815", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:38:57", "description": "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nThis release serves as a replacement for Red Hat JBoss Web Server 2.0.0,\nand includes several bug fixes. Refer to the Red Hat JBoss Web Server 2.0.1\nRelease Notes for information on the most significant of these changes,\navailable shortly from https://access.redhat.com/site/documentation/\n\nThe following security issues are also fixed with this release:\n\nCross-site scripting (XSS) flaws were found in the Apache HTTP Server\nmod_proxy_balancer module's manager web interface. If a remote attacker\ncould trick a user, who was logged into the manager web interface, into\nvisiting a specially-crafted URL, it would lead to arbitrary web script\nexecution in the context of the user's manager interface session.\n(CVE-2012-4558)\n\nCross-site scripting (XSS) flaws were found in the Apache HTTP Server\nmod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An\nattacker could possibly use these flaws to perform XSS attacks if they were\nable to make the victim's browser generate an HTTP request with a\nspecially-crafted Host header. (CVE-2012-3499)\n\nA session fixation flaw was found in the Tomcat FormAuthenticator module.\nDuring a narrow window of time, if a remote attacker sent requests while a\nuser was logging in, it could possibly result in the attacker's requests\nbeing processed as if they were sent by the user. (CVE-2013-2067)\n\nA denial of service flaw was found in the way the Tomcat chunked transfer\nencoding input filter processed CRLF sequences. A remote attacker could\nuse this flaw to send an excessively long request, consuming network\nbandwidth, CPU, and memory on the Tomcat server. Chunked transfer encoding\nis enabled by default. (CVE-2012-3544)\n\nA flaw was found in the way the Tomcat 7 asynchronous context\nimplementation performed request management in certain circumstances. If an\napplication used AsyncListeners and threw RuntimeExceptions, Tomcat could\nsend a reply that contains information from a different user's request,\npossibly leading to the disclosure of sensitive information. This issue\nonly affected Tomcat 7. (CVE-2013-2071)\n\nNote: Do not install Red Hat JBoss Web Server 2 on a host which has Red Hat\nJBoss Web Server 1 installed.\n\nWarning: Before applying the update, back up your existing Red Hat JBoss\nWeb Server installation (including all applications and configuration\nfiles).\n\nAll users of Red Hat JBoss Web Server 2.0.0 on Red Hat Enterprise Linux 5\nare advised to upgrade to Red Hat JBoss Web Server 2.0.1. The JBoss server\nprocess must be restarted for this update to take effect.\n", "cvss3": {}, "published": "2013-07-03T00:00:00", "type": "redhat", "title": "(RHSA-2013:1011) Moderate: Red Hat JBoss Web Server 2.0.1 update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-3544", "CVE-2012-4558", "CVE-2013-2067", "CVE-2013-2071"], "modified": "2018-08-09T15:46:59", "id": "RHSA-2013:1011", "href": "https://access.redhat.com/errata/RHSA-2013:1011", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T18:42:04", "description": "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nThis release serves as a replacement for Red Hat JBoss Web Server 2.0.0,\nand includes several bug fixes. Refer to the Red Hat JBoss Web Server 2.0.1\nRelease Notes for information on the most significant of these changes,\navailable shortly from https://access.redhat.com/site/documentation/\n\nThe following security issues are also fixed with this release:\n\nCross-site scripting (XSS) flaws were found in the Apache HTTP Server\nmod_proxy_balancer module's manager web interface. If a remote attacker\ncould trick a user, who was logged into the manager web interface, into\nvisiting a specially-crafted URL, it would lead to arbitrary web script\nexecution in the context of the user's manager interface session.\n(CVE-2012-4558)\n\nCross-site scripting (XSS) flaws were found in the Apache HTTP Server\nmod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An\nattacker could possibly use these flaws to perform XSS attacks if they were\nable to make the victim's browser generate an HTTP request with a\nspecially-crafted Host header. (CVE-2012-3499)\n\nA session fixation flaw was found in the Tomcat FormAuthenticator module.\nDuring a narrow window of time, if a remote attacker sent requests while a\nuser was logging in, it could possibly result in the attacker's requests\nbeing processed as if they were sent by the user. (CVE-2013-2067)\n\nA denial of service flaw was found in the way the Tomcat chunked transfer\nencoding input filter processed CRLF sequences. A remote attacker could\nuse this flaw to send an excessively long request, consuming network\nbandwidth, CPU, and memory on the Tomcat server. Chunked transfer encoding\nis enabled by default. (CVE-2012-3544)\n\nA flaw was found in the way the Tomcat 7 asynchronous context\nimplementation performed request management in certain circumstances. If an\napplication used AsyncListeners and threw RuntimeExceptions, Tomcat could\nsend a reply that contains information from a different user's request,\npossibly leading to the disclosure of sensitive information. This issue\nonly affected Tomcat 7. (CVE-2013-2071)\n\nNote: Do not install Red Hat JBoss Web Server 2 on a host which has Red Hat\nJBoss Web Server 1 installed.\n\nWarning: Before applying the update, back up your existing Red Hat JBoss\nWeb Server installation (including all applications and configuration\nfiles).\n\nAll users of Red Hat JBoss Web Server 2.0.0 on Red Hat Enterprise Linux 6\nare advised to upgrade to Red Hat JBoss Web Server 2.0.1. The JBoss server\nprocess must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-07-03T15:40:17", "type": "redhat", "title": "(RHSA-2013:1012) Moderate: Red Hat JBoss Web Server 2.0.1 update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-3544", "CVE-2012-4558", "CVE-2013-2067", "CVE-2013-2071"], "modified": "2018-06-06T22:42:47", "id": "RHSA-2013:1012", "href": "https://access.redhat.com/errata/RHSA-2013:1012", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T04:44:15", "description": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nThis release serves as a replacement for Red Hat JBoss Enterprise\nApplication Platform 6.1.0, and includes bug fixes and enhancements. Refer\nto the 6.1.1 Release Notes for information on the most significant of these\nchanges, available shortly from\nhttps://access.redhat.com/site/documentation/\n\nSecurity fixes:\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status,\nmod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could\npossibly use these flaws to perform XSS attacks if they were able to make\nthe victim's browser generate an HTTP request with a specially-crafted Host\nheader. (CVE-2012-3499)\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer\nmodule's manager web interface. If a remote attacker could trick a user,\nwho was logged into the manager web interface, into visiting a\nspecially-crafted URL, it would lead to arbitrary web script execution in\nthe context of the user's manager interface session. (CVE-2012-4558)\n\nA flaw was found in the way the mod_dav module handled merge requests. An\nattacker could use this flaw to send a crafted merge request that contains\nURIs that are not configured for DAV, causing the httpd child process to\ncrash. (CVE-2013-1896)\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof an\nXML signature via a specially-crafted XML signature block. (CVE-2013-2172)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from\nits log file. If mod_rewrite was configured with the RewriteLog directive,\na remote attacker could use specially-crafted HTTP requests to inject\nterminal escape sequences into the mod_rewrite log file. If a victim viewed\nthe log file with a terminal emulator, it could result in arbitrary command\nexecution with the privileges of that user. (CVE-2013-1862)\n\nThe data file used by PicketBox Vault to store encrypted passwords contains\na copy of its own admin key. The file is encrypted using only this admin\nkey, not the corresponding JKS key. A local attacker with permission to\nread the vault data file could read the admin key from the file, and use it\nto decrypt the file and read the stored passwords in clear text.\n(CVE-2013-1921)\n\nA flaw was found in JGroup's DiagnosticsHandler that allowed an attacker on\nan adjacent network to reuse the credentials from a previous successful\nauthentication. This could be exploited to read diagnostic information\n(information disclosure) and attain limited remote code execution.\n(CVE-2013-4112)\n\nWarning: Before applying this update, back up your existing Red Hat JBoss\nEnterprise Application Platform installation and deployed applications.\nRefer to the Solution section for further details.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.1.0 on Red Hat\nEnterprise Linux 5 are advised to upgrade to these updated packages. The\nJBoss server process must be restarted for the update to take effect.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2013-09-04T00:00:00", "type": "redhat", "title": "(RHSA-2013:1207) Moderate: Red Hat JBoss Enterprise Application Platform 6.1.1 update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.4, "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-1921", "CVE-2013-2172", "CVE-2013-4112", "CVE-2013-6495"], "modified": "2016-04-04T14:31:11", "id": "RHSA-2013:1207", "href": "https://access.redhat.com/errata/RHSA-2013:1207", "cvss": {"score": 5.4, "vector": "AV:A/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T18:39:14", "description": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nThis release serves as a replacement for Red Hat JBoss Enterprise\nApplication Platform 6.1.0, and includes bug fixes and enhancements. Refer\nto the 6.1.1 Release Notes for information on the most significant of these\nchanges, available shortly from\nhttps://access.redhat.com/site/documentation/\n\nSecurity fixes:\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status,\nmod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could\npossibly use these flaws to perform XSS attacks if they were able to make\nthe victim's browser generate an HTTP request with a specially-crafted Host\nheader. (CVE-2012-3499)\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer\nmodule's manager web interface. If a remote attacker could trick a user,\nwho was logged into the manager web interface, into visiting a\nspecially-crafted URL, it would lead to arbitrary web script execution in\nthe context of the user's manager interface session. (CVE-2012-4558)\n\nA flaw was found in the way the mod_dav module handled merge requests. An\nattacker could use this flaw to send a crafted merge request that contains\nURIs that are not configured for DAV, causing the httpd child process to\ncrash. (CVE-2013-1896)\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof an\nXML signature via a specially-crafted XML signature block. (CVE-2013-2172)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from\nits log file. If mod_rewrite was configured with the RewriteLog directive,\na remote attacker could use specially-crafted HTTP requests to inject\nterminal escape sequences into the mod_rewrite log file. If a victim viewed\nthe log file with a terminal emulator, it could result in arbitrary command\nexecution with the privileges of that user. (CVE-2013-1862)\n\nThe data file used by PicketBox Vault to store encrypted passwords contains\na copy of its own admin key. The file is encrypted using only this admin\nkey, not the corresponding JKS key. A local attacker with permission to\nread the vault data file could read the admin key from the file, and use it\nto decrypt the file and read the stored passwords in clear text.\n(CVE-2013-1921)\n\nA flaw was found in JGroup's DiagnosticsHandler that allowed an attacker on\nan adjacent network to reuse the credentials from a previous successful\nauthentication. This could be exploited to read diagnostic information\n(information disclosure) and attain limited remote code execution.\n(CVE-2013-4112)\n\nWarning: Before applying this update, back up your existing Red Hat JBoss\nEnterprise Application Platform installation and deployed applications.\nRefer to the Solution section for further details.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.1.0 on Red Hat\nEnterprise Linux 6 are advised to upgrade to these updated packages. The\nJBoss server process must be restarted for the update to take effect.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2013-09-04T00:00:00", "type": "redhat", "title": "(RHSA-2013:1208) Moderate: Red Hat JBoss Enterprise Application Platform 6.1.1 update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.4, "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-1921", "CVE-2013-2172", "CVE-2013-4112", "CVE-2013-6495"], "modified": "2018-06-06T22:39:05", "id": "RHSA-2013:1208", "href": "https://access.redhat.com/errata/RHSA-2013:1208", "cvss": {"score": 5.4, "vector": "AV:A/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:37:06", "description": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nThis release serves as a replacement for Red Hat JBoss Enterprise\nApplication Platform 6.1.0, and includes bug fixes and enhancements. Refer\nto the 6.1.1 Release Notes for information on the most significant of these\nchanges, available shortly from\nhttps://access.redhat.com/site/documentation/\n\nSecurity fixes:\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status,\nmod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could\npossibly use these flaws to perform XSS attacks if they were able to make\nthe victim's browser generate an HTTP request with a specially-crafted Host\nheader. (CVE-2012-3499)\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer\nmodule's manager web interface. If a remote attacker could trick a user,\nwho was logged into the manager web interface, into visiting a\nspecially-crafted URL, it would lead to arbitrary web script execution in\nthe context of the user's manager interface session. (CVE-2012-4558)\n\nA flaw was found in the way the mod_dav module handled merge requests. An\nattacker could use this flaw to send a crafted merge request that contains\nURIs that are not configured for DAV, causing the httpd child process to\ncrash. (CVE-2013-1896)\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof an\nXML signature via a specially-crafted XML signature block. (CVE-2013-2172)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from\nits log file. If mod_rewrite was configured with the RewriteLog directive,\na remote attacker could use specially-crafted HTTP requests to inject\nterminal escape sequences into the mod_rewrite log file. If a victim viewed\nthe log file with a terminal emulator, it could result in arbitrary command\nexecution with the privileges of that user. (CVE-2013-1862)\n\nThe data file used by PicketBox Vault to store encrypted passwords contains\na copy of its own admin key. The file is encrypted using only this admin\nkey, not the corresponding JKS key. A local attacker with permission to\nread the vault data file could read the admin key from the file, and use it\nto decrypt the file and read the stored passwords in clear text.\n(CVE-2013-1921)\n\nA flaw was found in JGroup's DiagnosticsHandler that allowed an attacker on\nan adjacent network to reuse the credentials from a previous successful\nauthentication. This could be exploited to read diagnostic information\n(information disclosure) and attain limited remote code execution.\n(CVE-2013-4112)\n\nWarning: Before applying this update, back up your existing Red Hat JBoss\nEnterprise Application Platform installation and deployed applications.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.1.0 as\nprovided from the Red Hat Customer Portal are advised to upgrade to Red Hat\nJBoss Enterprise Application Platform 6.1.1.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2013-09-04T18:45:46", "type": "redhat", "title": "(RHSA-2013:1209) Moderate: Red Hat JBoss Enterprise Application Platform 6.1.1 update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.4, "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-1921", "CVE-2013-2172", "CVE-2013-4112", "CVE-2013-6495"], "modified": "2019-02-20T12:37:02", "id": "RHSA-2013:1209", "href": "https://access.redhat.com/errata/RHSA-2013:1209", "cvss": {"score": 5.4, "vector": "AV:A/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-21T23:31:29", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2637-1 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nMarch 04, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : apache2\nVulnerability : several issues\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-3499 CVE-2012-4558 CVE-2013-1048\n\nSeveral vulnerabilities have been found in the Apache HTTPD server.\n\nCVE-2012-3499\n\n The modules mod_info, mod_status, mod_imagemap, mod_ldap, and\n mod_proxy_ftp did not properly escape hostnames and URIs in\n HTML output, causing cross site scripting vulnerabilities.\n\nCVE-2012-4558\n\n Mod_proxy_balancer did not properly escape hostnames and URIs\n in its balancer-manager interface, causing a cross site scripting\n vulnerability.\n\nCVE-2013-1048\n\n Hayawardh Vijayakumar noticed that the apache2ctl script created\n the lock directory in an unsafe manner, allowing a local attacker\n to gain elevated privileges via a symlink attack. This is a Debian\n specific issue.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 2.2.16-6+squeeze11.\n\nFor the testing distribution (wheezy), these problems will be fixed in\nversion 2.2.22-13.\n\nFor the unstable distribution (sid), these problems will be fixed in\nversion 2.2.22-13.\n\nWe recommend that you upgrade your apache2 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2013-03-04T21:34:32", "type": "debian", "title": "[SECURITY] [DSA 2637-1] apache2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1048"], "modified": "2013-03-04T21:34:32", "id": "DEBIAN:DSA-2637-1:5E82E", "href": "https://lists.debian.org/debian-security-announce/2013/msg00043.html", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-08T12:09:24", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2637-1 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nMarch 04, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : apache2\nVulnerability : several issues\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-3499 CVE-2012-4558 CVE-2013-1048\n\nSeveral vulnerabilities have been found in the Apache HTTPD server.\n\nCVE-2012-3499\n\n The modules mod_info, mod_status, mod_imagemap, mod_ldap, and\n mod_proxy_ftp did not properly escape hostnames and URIs in\n HTML output, causing cross site scripting vulnerabilities.\n\nCVE-2012-4558\n\n Mod_proxy_balancer did not properly escape hostnames and URIs\n in its balancer-manager interface, causing a cross site scripting\n vulnerability.\n\nCVE-2013-1048\n\n Hayawardh Vijayakumar noticed that the apache2ctl script created\n the lock directory in an unsafe manner, allowing a local attacker\n to gain elevated privileges via a symlink attack. This is a Debian\n specific issue.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 2.2.16-6+squeeze11.\n\nFor the testing distribution (wheezy), these problems will be fixed in\nversion 2.2.22-13.\n\nFor the unstable distribution (sid), these problems will be fixed in\nversion 2.2.22-13.\n\nWe recommend that you upgrade your apache2 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2013-03-04T21:34:32", "type": "debian", "title": "[SECURITY] [DSA 2637-1] apache2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1048"], "modified": "2013-03-04T21:34:32", "id": "DEBIAN:DSA-2637-1:AC782", "href": "https://lists.debian.org/debian-security-announce/2013/msg00043.html", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:50", "description": "[2.2.15-28.0.1.el6_4]\n- replace index.html with Oracle's index page oracle_index.html\n update vstring in specfile\n[2.2.15-28]\n- mod_rewrite: add security fix for CVE-2013-1862 (#953729)\n[2.2.15-27]\n- add security fixes for CVE-2012-3499, CVE-2012-4558 (#915883, #915884)", "cvss3": {}, "published": "2013-05-13T00:00:00", "type": "oraclelinux", "title": "httpd security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2012-4558", "CVE-2013-1862", "CVE-2012-3499"], "modified": "2013-05-13T00:00:00", "id": "ELSA-2013-0815", "href": "http://linux.oracle.com/errata/ELSA-2013-0815.html", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2022-02-27T11:54:31", "description": "**CentOS Errata and Security Advisory** CESA-2013:0815\n\n\nThe Apache HTTP Server is a popular web server.\n\nCross-site scripting (XSS) flaws were found in the mod_proxy_balancer\nmodule's manager web interface. If a remote attacker could trick a user,\nwho was logged into the manager web interface, into visiting a\nspecially-crafted URL, it would lead to arbitrary web script execution in\nthe context of the user's manager interface session. (CVE-2012-4558)\n\nIt was found that mod_rewrite did not filter terminal escape sequences from\nits log file. If mod_rewrite was configured with the RewriteLog directive,\na remote attacker could use specially-crafted HTTP requests to inject\nterminal escape sequences into the mod_rewrite log file. If a victim viewed\nthe log file with a terminal emulator, it could result in arbitrary command\nexecution with the privileges of that user. (CVE-2013-1862)\n\nCross-site scripting (XSS) flaws were found in the mod_info, mod_status,\nmod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could\npossibly use these flaws to perform XSS attacks if they were able to make\nthe victim's browser generate an HTTP request with a specially-crafted Host\nheader. (CVE-2012-3499)\n\nAll httpd users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. After installing the updated\npackages, the httpd daemon will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2013-May/056639.html\nhttps://lists.centos.org/pipermail/centos-announce/2013-May/056640.html\nhttps://lists.centos.org/pipermail/centos-announce/2013-May/069197.html\n\n**Affected packages:**\nhttpd\nhttpd-devel\nhttpd-manual\nhttpd-tools\nmod_ssl\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2013:0815", "cvss3": {}, "published": "2013-05-13T22:32:03", "type": "centos", "title": "httpd, mod_ssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862"], "modified": "2013-05-14T11:49:25", "id": "CESA-2013:0815", "href": "https://lists.centos.org/pipermail/centos-announce/2013-May/056639.html", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T12:59:08", "description": "Niels Heinen discovered that multiple modules incorrectly sanitized certain \nstrings, which could result in browsers becoming vulnerable to cross-site \nscripting attacks when processing the output. With cross-site scripting \nvulnerabilities, if a user were tricked into viewing server output during a \ncrafted server request, a remote attacker could exploit this to modify the \ncontents, or steal confidential data (such as passwords), within the same \ndomain. (CVE-2012-3499, CVE-2012-4558)\n\nIt was discovered that the mod_proxy_ajp module incorrectly handled error \nstates. A remote attacker could use this issue to cause the server to stop \nresponding, resulting in a denial of service. This issue only applied to \nUbuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 11.10. (CVE-2012-4557)\n\nIt was discovered that the apache2ctl script shipped in Ubuntu packages \nincorrectly created the lock directory. A local attacker could possibly use \nthis issue to gain privileges. The symlink protections in Ubuntu 11.10 and \nlater should reduce this vulnerability to a denial of service. \n(CVE-2013-1048)\n", "cvss3": {}, "published": "2013-03-18T00:00:00", "type": "ubuntu", "title": "Apache HTTP Server vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1048", "CVE-2012-3499", "CVE-2012-4557", "CVE-2012-4558"], "modified": "2013-03-18T00:00:00", "id": "USN-1765-1", "href": "https://ubuntu.com/security/notices/USN-1765-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "metasploit": [{"lastseen": "2021-06-08T09:06:06", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "RHSA-2013:1011: Red Hat JBoss Web Server 2.0.1 update", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-3544", "CVE-2012-4558", "CVE-2013-2067", "CVE-2013-2071"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/LINUXRPM-RHSA-2013-1011/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-06-08T09:06:19", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "RHSA-2013:1012: Red Hat JBoss Web Server 2.0.1 update", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-3544", "CVE-2012-4558", "CVE-2013-2067", "CVE-2013-2071"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/LINUXRPM-RHSA-2013-1012/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-04-23T18:23:39", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "SUSE Linux Security Vulnerability: CVE-2012-3499", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/SUSE-CVE-2012-3499/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-04-23T18:23:42", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "IBM HTTP Server: CVE-2012-3499: Potential exposure in several IBM HTTP Server optional modules", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/IBM-HTTP_SERVER-CVE-2012-3499/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-04-23T18:23:37", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "Cent OS: CVE-2012-3499: CESA-2013:0815 (httpd)", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/CENTOS_LINUX-CVE-2012-3499/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-04-23T18:23:38", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "Apache HTTPD: XSS due to unescaped hostnames (CVE-2012-3499)", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/APACHE-HTTPD-CVE-2012-3499/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-04-23T18:23:39", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "Apache HTTPD: XSS in mod_proxy_balancer (CVE-2012-4558)", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4558"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/APACHE-HTTPD-CVE-2012-4558/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-04-23T18:23:38", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "Oracle Solaris 11: CVE-2012-4558: Vulnerability in Apache HTTP server", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4558"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/ORACLE-SOLARIS-CVE-2012-4558/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-04-23T18:23:44", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "HP-UX: CVE-2012-4558: Running Apache, Remote Denial of Service (DoS), Execution of Arbitrary Code and other vulnerabilities", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4558"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/HPUX-CVE-2012-4558/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-04-23T18:23:36", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "SUSE Linux Security Vulnerability: CVE-2012-4558", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4558"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/SUSE-CVE-2012-4558/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-04-23T18:23:41", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "Cent OS: CVE-2012-4558: CESA-2013:0815 (httpd)", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4558"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/CENTOS_LINUX-CVE-2012-4558/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-06-08T09:06:05", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "RHSA-2013:1208: Red Hat JBoss Enterprise Application Platform 6.1.1 update", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.4, "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-1921", "CVE-2013-2172", "CVE-2013-4112"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/LINUXRPM-RHSA-2013-1208/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.4, "vector": "AV:A/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-06-08T09:06:03", "description": "\n", "edition": 2, "cvss3": {}, "published": "1976-01-01T00:00:00", "type": "metasploit", "title": "RHSA-2013:1207: Red Hat JBoss Enterprise Application Platform 6.1.1 update", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.4, "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499", "CVE-2012-4558", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-1921", "CVE-2013-2172", "CVE-2013-4112"], "modified": "1976-01-01T00:00:00", "id": "MSF:ILITIES/LINUXRPM-RHSA-2013-1207/", "href": "", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.4, "vector": "AV:A/AC:M/Au:N/C:P/I:P/A:P"}}], "httpd": [{"lastseen": "2021-07-28T15:48:19", "description": "Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.", "cvss3": {}, "published": "2012-07-11T00:00:00", "type": "httpd", "title": "Apache Httpd < 2.4.4 : XSS due to unescaped hostnames", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499"], "modified": "2013-02-25T00:00:00", "id": "HTTPD:96868C7098375E8AF5DFDC8E12CFD336", "href": "https://httpd.apache.org/security_report.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T15:48:19", "description": "Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.", "cvss3": {}, "published": "2012-07-11T00:00:00", "type": "httpd", "title": "Apache Httpd < 2.2.24 : XSS due to unescaped hostnames", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499"], "modified": "2013-02-25T00:00:00", "id": "HTTPD:FD1CC7EACBC758C451BA5B8D25FCB6DD", "href": "https://httpd.apache.org/security_report.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T15:48:19", "description": "A XSS flaw affected the mod_proxy_balancer manager interface.", "cvss3": {}, "published": "2012-10-07T00:00:00", "type": "httpd", "title": "Apache Httpd < 2.4.4 : XSS in mod_proxy_balancer", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4558"], "modified": "2013-02-25T00:00:00", "id": "HTTPD:F3F8B406C1D466C16D46C2BFD6505DEC", "href": "https://httpd.apache.org/security_report.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T15:48:19", "description": "A XSS flaw affected the mod_proxy_balancer manager interface.", "cvss3": {}, "published": "2012-10-07T00:00:00", "type": "httpd", "title": "Apache Httpd < 2.2.24 : XSS in mod_proxy_balancer", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4558"], "modified": "2013-02-25T00:00:00", "id": "HTTPD:B07D6585013819446B5017BD7E358E6F", "href": "https://httpd.apache.org/security_report.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "debiancve": [{"lastseen": "2022-03-26T15:30:39", "description": "Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.", "cvss3": {}, "published": "2013-02-26T16:55:00", "type": "debiancve", "title": "CVE-2012-3499", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499"], "modified": "2013-02-26T16:55:00", "id": "DEBIANCVE:CVE-2012-3499", "href": "https://security-tracker.debian.org/tracker/CVE-2012-3499", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-26T15:30:39", "description": "Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.", "cvss3": {}, "published": "2013-02-26T16:55:00", "type": "debiancve", "title": "CVE-2012-4558", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4558"], "modified": "2013-02-26T16:55:00", "id": "DEBIANCVE:CVE-2012-4558", "href": "https://security-tracker.debian.org/tracker/CVE-2012-4558", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "seebug": [{"lastseen": "2017-11-19T17:46:22", "description": "BUGTRAQ ID: 58165\r\nCVE(CAN) ID: CVE-2012-3499\r\n\r\nApache HTTP Server\u662f\u5f00\u6e90HTTP\u670d\u52a1\u5668\u3002\r\n\r\nApache HTTP Server 2.4.4\u53ca\u4e4b\u524d\u7248\u672c\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u591a\u4e2aXSS\u6f0f\u6d1e\uff0c\u901a\u8fc7\u6a21\u5757(1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, (5) mod_status\u5185\u7684\u4e3b\u673a\u540d\u548cURI\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u6ce8\u5165\u4efb\u610fjs\u811a\u672c\u548cHTML\u3002\n0\nApache Group HTTP Server 2.4.x\r\nApache Group HTTP Server 2.2.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nApache Group\r\n------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://httpd.apache.org/", "cvss3": {}, "published": "2013-02-28T00:00:00", "title": "Apache HTTP Server\u591a\u4e2a\u6a21\u5757\u4e3b\u673a\u540d\u548cURI\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2012-3499"], "modified": "2013-02-28T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60653", "id": "SSV:60653", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-11-19T17:46:23", "description": "BUGTRAQ ID: 58165\r\nCVE(CAN) ID: CVE-2012-4558\r\n\r\nApache HTTP Server\u662f\u5f00\u6e90HTTP\u670d\u52a1\u5668\u3002\r\n\r\nApache HTTP Server\u88ab\u62a5\u544a\u5b58\u5728\u591a\u4e2a\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u80fd\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u8fdb\u884c\u8de8\u7ad9\u811a\u672c\u653b\u51fb\u3002\r\n\r\n1\uff09mod_info, mod_ldap, mod_status, mod_imagemap, \u4ee5\u53camod_proxy_ftp\u6a21\u5757\u4e2d\u67d0\u4e9b\u4e0ehostnames\u548cURI\u76f8\u5173\u7684\u8f93\u5165\u6ca1\u6709\u7ecf\u8fc7\u6b63\u786e\u7684\u68c0\u67e5\u5373\u8fd4\u56de\u7ed9\u7528\u6237\u3002\r\n2\uff09\u4f20\u9012\u7ed9mod_proxy_balancer\u6a21\u5757\u7ba1\u7406\u63a5\u53e3\u7684\u67d0\u4e9b\u4e0d\u786e\u5b9a\u8f93\u5165\u6ca1\u6709\u7ecf\u8fc7\u6b63\u786e\u68c0\u67e5\u5373\u8fd4\u56de\u7ed9\u7528\u6237\u3002\r\n\r\n\u8fd9\u4e9b\u6f0f\u6d1e\u53ef\u80fd\u88ab\u6076\u610f\u653b\u51fb\u8005\u7528\u6765\u5728\u53d7\u5f71\u54cd\u7684\u7f51\u7ad9\u4e0a\u4e0b\u6587\u4e2d\u63d2\u5165\u4ee3\u7801\uff0c\u4ece\u800c\u5728\u7528\u6237\u6d4f\u89c8\u5668\u4f1a\u8bdd\u4e2d\u6267\u884c\u4efb\u610fHTML\u548c\u811a\u672c\u4ee3\u7801\u3002\r\n\r\n\u6f0f\u6d1e\u5f71\u54cd 2.2.24\u4e4b\u524d\u7684\u7248\u672c\u4ee5\u53ca2.4.4\u3002\r\n0\r\nApache Group HTTP Server 2.4.x\r\nApache Group HTTP Server 2.2.x\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nApache Group\r\n------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://httpd.apache.org/", "cvss3": {}, "published": "2013-02-28T00:00:00", "title": "Apache HTTP Server balancer_handler\u51fd\u6570\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e(CVE-2012-4558)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2012-4558"], "modified": "2013-02-28T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60657", "id": "SSV:60657", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "cve": [{"lastseen": "2022-03-23T12:37:15", "description": "Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.", "cvss3": {}, "published": "2013-02-26T16:55:00", "type": "cve", "title": "CVE-2012-3499", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499"], "modified": "2021-06-06T11:15:00", "cpe": ["cpe:/a:apache:http_server:2.2.20", "cpe:/a:apache:http_server:2.2.22", "cpe:/a:apache:http_server:2.2.2", "cpe:/a:apache:http_server:2.2.12", "cpe:/a:apache:http_server:2.2", "cpe:/a:apache:http_server:2.2.3", "cpe:/a:apache:http_server:2.2.13", "cpe:/a:apache:http_server:2.2.14", "cpe:/a:apache:http_server:2.2.16", "cpe:/a:apache:http_server:2.4.1", "cpe:/a:apache:http_server:2.2.21", "cpe:/a:apache:http_server:2.2.6", "cpe:/a:apache:http_server:2.2.23", "cpe:/a:apache:http_server:2.2.1", "cpe:/a:apache:http_server:2.4.3", "cpe:/a:apache:http_server:2.4.2", "cpe:/a:apache:http_server:2.4.0", "cpe:/a:apache:http_server:2.2.11", "cpe:/a:apache:http_server:2.2.19", "cpe:/a:apache:http_server:2.2.17", "cpe:/a:apache:http_server:2.2.0", "cpe:/a:apache:http_server:2.2.10", "cpe:/a:apache:http_server:2.2.4", "cpe:/a:apache:http_server:2.2.9", "cpe:/a:apache:http_server:2.2.8", "cpe:/a:apache:http_server:2.2.18", "cpe:/a:apache:http_server:2.2.15"], "id": "CVE-2012-3499", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3499", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:58:13", "description": "Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.", "cvss3": {}, "published": "2013-02-26T16:55:00", "type": "cve", "title": "CVE-2012-4558", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4558"], "modified": "2021-06-06T11:15:00", "cpe": ["cpe:/a:apache:http_server:2.2.20", "cpe:/a:apache:http_server:2.2.22", "cpe:/a:apache:http_server:2.2.2", "cpe:/a:apache:http_server:2.2.12", "cpe:/a:apache:http_server:2.2", "cpe:/a:apache:http_server:2.2.3", "cpe:/a:apache:http_server:2.2.13", "cpe:/a:apache:http_server:2.2.14", "cpe:/a:apache:http_server:2.2.16", "cpe:/a:apache:http_server:2.4.1", "cpe:/a:apache:http_server:2.2.21", "cpe:/a:apache:http_server:2.2.6", "cpe:/a:apache:http_server:2.2.1", "cpe:/a:apache:http_server:2.2.23", "cpe:/a:apache:http_server:2.4.3", "cpe:/a:apache:http_server:2.4.2", "cpe:/a:apache:http_server:2.4.0", "cpe:/a:apache:http_server:2.2.11", "cpe:/a:apache:http_server:2.2.19", "cpe:/a:apache:http_server:2.2.17", "cpe:/a:apache:http_server:2.2.0", "cpe:/a:apache:http_server:2.2.10", "cpe:/a:apache:http_server:2.2.4", "cpe:/a:apache:http_server:2.2.9", "cpe:/a:apache:http_server:2.2.8", "cpe:/a:apache:http_server:2.2.18", "cpe:/a:apache:http_server:2.2.15"], "id": "CVE-2012-4558", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4558", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2021-11-22T21:53:56", "description": "Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP\nServer 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote\nattackers to inject arbitrary web script or HTML via vectors involving\nhostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4)\nmod_proxy_ftp, and (5) mod_status modules.", "cvss3": {}, "published": "2013-02-26T00:00:00", "type": "ubuntucve", "title": "CVE-2012-3499", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499"], "modified": "2013-02-26T00:00:00", "id": "UB:CVE-2012-3499", "href": "https://ubuntu.com/security/CVE-2012-3499", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-11-22T21:53:56", "description": "Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler\nfunction in the manager interface in mod_proxy_balancer.c in the\nmod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev\nand 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web\nscript or HTML via a crafted string.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | same commit as CVE-2012-3499\n", "cvss3": {}, "published": "2013-02-26T00:00:00", "type": "ubuntucve", "title": "CVE-2012-4558", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4558"], "modified": "2013-02-26T00:00:00", "id": "UB:CVE-2012-4558", "href": "https://ubuntu.com/security/CVE-2012-4558", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "f5": [{"lastseen": "2021-06-08T18:45:07", "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability for ARX, do not enable the API functionality.\n\nSupplemental Information\n\n * The **Management Access **chapter of the ARX CLI Reference Guide\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "cvss3": {}, "published": "2014-12-10T00:00:00", "type": "f5", "title": "SOL15900 - Apache HTTP server vulnerability CVE-2012-3499", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3499"], "modified": "2014-12-10T00:00:00", "id": "SOL15900", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/900/sol15900.html", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2021-06-08T18:45:09", "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability for ARX, do not enable the API functionality.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "cvss3": {}, "published": "2014-12-08T00:00:00", "type": "f5", "title": "SOL15899 - Multiple Apache vulnerabilities CVE-2012-4558, CVE-2012-0883, CVE-2011-3348, and CVE-2010-1452", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4558", "CVE-2012-0883", "CVE-2010-1452", "CVE-2011-3348"], "modified": "2014-12-08T00:00:00", "id": "SOL15899", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/800/sol15899.html", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "checkpoint_advisories": [{"lastseen": "2022-05-25T20:05:24", "description": "A cross site scripting vulnerability exists in Apache HTTP web server mod_proxy_balancer. The vulnerability is due to a lack of input validation in the URI of the mod_proxy_balancer manager interface. A remote attacker can exploit these vulnerabilities by enticing a user to follow a specially crafted web link. Successful exploitation could result in attacker controlled script code executing in the browser of the affected user.", "cvss3": {}, "published": "2013-03-24T00:00:00", "type": "checkpoint_advisories", "title": "Apache HTTPD mod_proxy_balancer Cross Site Scripting (CVE-2012-4558)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2012-4558"], "modified": "2022-05-25T00:00:00", "id": "CPAI-2013-1635", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}], "hackerone": [{"lastseen": "2018-04-19T17:34:10", "bounty": 0.0, "description": "Hello,\r\n\r\nYour current version of apache 2.2.22 for http://aanbieding.marktplaats.com is vulnerable to many issues like DoS, XSS and Code Exec\r\n\r\n1. DoS\r\nRefer:\r\nhttp://www.cvedetails.com/cve/CVE-2014-0231/\r\nhttp://www.cvedetails.com/cve/CVE-2014-0098/\r\nhttp://www.cvedetails.com/cve/CVE-2013-6438/\r\nhttp://www.cvedetails.com/cve/CVE-2013-1896/\r\n\r\n2. XSS\r\nRefer:\r\nhttp://www.cvedetails.com/cve/CVE-2012-4558/\r\nhttp://www.cvedetails.com/cve/CVE-2012-3499/\r\n\r\n3. Code Exec\r\nRefer:\r\nhttp://www.cvedetails.com/cve/CVE-2013-1862/\r\n\r\nPOC: Not available as it is well Known and fixed in newer versions of apache. \r\nPlease update it as soon as possible", "edition": 2, "cvss3": {}, "published": "2015-06-09T17:47:58", "type": "hackerone", "title": "Marktplaats: Multiple Apache 2.2.22 Vulnerabilities (XSS/ Code Exec/ DoS) ", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0231", "CVE-2012-4558", "CVE-2013-1896", "CVE-2014-0098", "CVE-2013-1862", "CVE-2013-6438", "CVE-2012-3499"], "modified": "2015-07-23T12:14:35", "id": "H1:66929", "href": "https://hackerone.com/reports/66929", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-12-02T19:26:25", "bounty": 0.0, "description": "URL https://\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588/ \nIdentified Version 2.2.15 (contains 4 important and 10 other vulnerabilities) \nLatest Version 2.2.31 \nVulnerability Database Result is based on 27.10.2016 vulnerability database content. \nVulnerability Details\n\n\nLink identified you are using an out-of-date version of Apache.\n\nImpact\n\nSince this is an old version of the software, it may be vulnerable to attacks.\n\nRemedy\n\n\nPlease upgrade your installation of Apache to the latest stable version.\n\nRemedy References\n\n\u2022Downloading the Apache HTTP Server\n\nKnown Vulnerabilities in this Version\n\n\nMedium Apache mod_cache and mod_dav Request Handling Denial of Service Vulnerability \n\nThe mod_cache and mod_dav modules in the Apache HTTP Server allow remote attackers to cause a denial of service (process crash) via a request that lacks a path. \n\nExternal References\n\u2022CVE-2010-1452 \n\nLow Apache APR-util apr_brigade_split_line() Denial of Service Vulnerability \n\nMemory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util), as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket. \n\nExternal References\n\u2022CVE-2010-1623 \n\nMedium Apache APR apr_fnmatch() Denial of Service Vulnerability\n\nStack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd. \n\nExternal References\n\u2022CVE-2011-0419\n\nExploit\n\u2022http://www.securityfocus.com/data/vulnerabilities/exploits/47820.txt\n\nMedium Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability\n\nThe byterange filter in the Apache HTTP Server allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.\n\nExternal References\n\u2022CVE-2011-3192\n\nExploit\n\u2022http://www.securityfocus.com//data/vulnerabilities/exploits/49303.c\n\u2022 http://www.securityfocus.com/data/vulnerabilities/exploits/49303-2.c\n\nImportant Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability\n\nThe mod_proxy module in the Apache HTTP Server does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.\n\nExternal References\n\u2022CVE-2011-3368\n\nExploit\n\u2022http://www.securityfocus.com//data/vulnerabilities/exploits/49957.py\n\nImportant Apache HTTP Server Scoreboard Local Security Bypass Vulnerability\n\nscoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.\n\nExternal References\n\u2022CVE-2012-0031\n\nImportant Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability\n\nThe mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. \n\nExternal References\n\u2022CVE-2011-4317\n\nImportant Apache HTTP Server CVE-2011-3348 Denial Of Service Vulnerability\n\nThe mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary \"error state\" in the backend server) via a malformed HTTP request.\n\nExternal References\n\u2022CVE-2011-3348\n\nMedium mod_proxy_ajp DoS Vulnerability\n\nThe mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.\n\nExternal References\n\u2022CVE-2012-4557\n\nLow Apache Multiple XSS Vulnerability\n\nMultiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.\n\nExternal References\n\u2022CVE-2012-4558\n\nLow Apache Code Execution Vulnerability\n\nmod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.\n\nExternal References\n\u2022CVE-2013-1862\n\nLow Apache Denial of Service Vulnerabillity\n\nmod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.\n\nExternal References\n\u2022CVE-2013-1896\n\nLow Apache 'main/util.c' Denial of Service Vulnerability\n\nThe dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.\n\nExternal References\n\u2022CVE-2013-6438\n\nLow Apache 'mod_log_config.c' Denial of Service Vulnerability\n\nThe log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.\n\nExternal References\n\u2022CVE-2014-0098\n", "edition": 2, "cvss3": {}, "published": "2016-11-24T15:09:27", "type": "hackerone", "title": "U.S. Dept Of Defense: Out-of-date Version (Apache) ", "bulletinFamily": "bugbounty", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-0086", "CVE-2010-1452", "CVE-2010-1623", "CVE-2011-0419", "CVE-2011-3192", "CVE-2011-3348", "CVE-2011-3368", "CVE-2011-4317", "CVE-2012-0031", "CVE-2012-4557", "CVE-2012-4558", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-6438", "CVE-2014-0098"], "modified": "2019-12-02T17:49:02", "id": "H1:184877", "href": "https://hackerone.com/reports/184877", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "oracle": [{"lastseen": "2021-06-08T18:59:32", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible.** This Critical Patch Update contains 144 new security fixes across the product families listed below.\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n", "edition": 2, "cvss3": {}, "published": "2014-01-14T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update - January 2014", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-0371", "CVE-2012-3544", "CVE-2014-0400", "CVE-2013-5879", "CVE-2013-5876", "CVE-2013-5889", "CVE-2013-2248", "CVE-2013-5909", "CVE-2007-0008", "CVE-2014-0392", "CVE-2013-5873", "CVE-2013-5858", "CVE-2014-0405", "CVE-2013-5860", "CVE-2014-0367", "CVE-2014-0385", "CVE-2013-5878", "CVE-2006-0999", "CVE-2014-0410", "CVE-2012-4558", "CVE-2014-0398", "CVE-2013-5897", "CVE-2013-2071", "CVE-2014-0404", "CVE-2014-0415", "CVE-2014-0434", "CVE-2013-5884", "CVE-2014-0435", "CVE-2014-0443", "CVE-2013-5870", "CVE-2014-0390", "CVE-2013-5905", "CVE-2013-5880", "CVE-2013-5904", "CVE-2014-0391", "CVE-2013-5888", "CVE-2013-5893", "CVE-2014-0387", "CVE-2013-2251", "CVE-2014-0393", "CVE-2014-0399", "CVE-2012-4605", "CVE-2013-5821", "CVE-2014-0431", "CVE-2013-5898", "CVE-2014-0427", "CVE-2014-0441", "CVE-2013-5900", "CVE-2013-1654", "CVE-2014-0433", "CVE-2014-0375", "CVE-2013-5886", "CVE-2014-0401", "CVE-2014-0396", "CVE-2014-0406", "CVE-2013-5872", "CVE-2014-0440", "CVE-2014-0425", "CVE-2013-5883", "CVE-2013-1862", "CVE-2013-5834", "CVE-2014-0418", "CVE-2014-0373", "CVE-2013-5877", "CVE-2013-5874", "CVE-2014-0439", "CVE-2014-0394", "CVE-2013-5887", "CVE-2014-0408", "CVE-2014-0376", "CVE-2014-0422", "CVE-2014-0419", "CVE-2014-0411", "CVE-2014-0369", "CVE-2014-0366", "CVE-2013-5882", "CVE-2013-5895", "CVE-2003-1067", "CVE-2014-0437", "CVE-2013-5885", "CVE-2013-5901", "CVE-2013-5881", "CVE-2013-2067", "CVE-2014-0389", "CVE-2014-0388", "CVE-2013-5899", "CVE-2014-0412", "CVE-2013-5896", "CVE-2013-3830", "CVE-2014-0417", "CVE-2014-0372", "CVE-2014-0407", "CVE-2013-5910", "CVE-2013-5906", "CVE-2014-0428", "CVE-2013-5891", "CVE-2014-0382", "CVE-2014-0370", "CVE-2013-5808", "CVE-2006-0998", "CVE-2013-2134", "CVE-2013-5871", "CVE-2014-0402", "CVE-2013-2924", "CVE-2013-4310", "CVE-2014-0368", "CVE-2014-0420", "CVE-2013-5853", "CVE-2014-0423", "CVE-2013-2135", "CVE-2013-5868", "CVE-2014-0430", "CVE-2014-0374", "CVE-2013-5875", "CVE-2013-5869", "CVE-2013-5907", "CVE-2014-0377", "CVE-2012-3499", "CVE-2013-5902", "CVE-2013-5894", "CVE-2013-5795", "CVE-2007-0009", "CVE-2013-5892", "CVE-2014-0381", "CVE-2014-0383", "CVE-2014-0424", "CVE-2014-0395", "CVE-2013-4316", "CVE-2014-0379", "CVE-2014-0403", "CVE-2013-5908", "CVE-2014-0386", "CVE-2007-1858", "CVE-2013-5785", "CVE-2014-0445", "CVE-2013-5764", "CVE-2014-0444", "CVE-2014-0378", "CVE-2013-5833", "CVE-2013-1620", "CVE-2013-5890", "CVE-2014-0416", "CVE-2014-0380", "CVE-2014-0438"], "modified": "2014-01-14T00:00:00", "id": "ORACLE:CPUJAN2014-1972949", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}